Microsoft is fixing a bug that could allow an attacker to roll back your computer to an older, vulnerable version

Microsoft has released a patch for a “downgrade attack” bug recently disclosed by researchers at the Black Hat and Def Con security conferences.

What does that mean in layman’s terms?

You: Let me check if my system is fully updated

Windows: Sure, everything is fine

Attacker: *Smiles and launches an attack on a vulnerability that you could have patched long ago*

In a downgrade attack, the victim may do everything they can to keep their computer and software up to date, but an attacker forces the computer to revert to an older, vulnerable version and then uses a known bug to infect the device.

With this particular attack, the researcher built a tool called “Windows Downdate” that takes over Windows Update to turn a fully patched Windows system into one that can be exploited through thousands of past vulnerabilities.

Microsoft has now patched the two vulnerabilities in Windows (CVE-2024-38202 and CVE-2024-21302) that the researcher used to create Windows Downdate. To manually check if you have received this update:

  • Click Settings in the Start menu
  • Click Windows Update
  • Select Update history

For Windows 11 you should see this entry:

KB5041585 successfully installed

If you don’t see it, you can start the update by clicking the Check for updates button in the Windows Update menu, or download the relevant update from the Microsoft Update Catalog.

For Windows 10 systems the method is the same, but the KB number is KB5041580 and the update catalog can be found via this link.
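The manual check above can also be scripted. The following PowerShell snippet is an added example written for this article, not code from Microsoft or from the researcher's tool. It uses the two KB numbers the article gives (KB5041585 for Windows 11, KB5041580 for Windows 10), reads the installed updates through the built-in Get-HotFix cmdlet, and tells the two Windows versions apart by build number (22000 and above is treated as Windows 11, an assumption of this script rather than something the article states).

```powershell
# Added example: check whether the cumulative update that patches
# CVE-2024-38202 / CVE-2024-21302 is present on this machine.
# KB numbers are taken from the article; the Windows 10 / Windows 11
# split by build number (>= 22000 = Windows 11) is an assumption here.

function Test-DowngradePatch {
    [CmdletBinding()]
    param()

    $expectedKb = @{
        'Windows 11' = 'KB5041585'
        'Windows 10' = 'KB5041580'
    }

    # Win32_OperatingSystem reports the real build number even when the
    # host process is not manifested for newer Windows versions.
    $os     = Get-CimInstance -ClassName Win32_OperatingSystem
    $build  = [int]$os.BuildNumber
    $osName = if ($build -ge 22000) { 'Windows 11' } else { 'Windows 10' }
    $kb     = $expectedKb[$osName]

    Write-Host "Detected: $($os.Caption) (build $build); expecting $kb"

    # Get-HotFix reads Win32_QuickFixEngineering, where cumulative updates
    # appear as 'Security Update' entries carrying their KB id.
    $installed = Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $_.HotFixID -eq $kb }

    if ($installed) {
        Write-Host "OK: $kb is installed (InstalledOn: $($installed.InstalledOn))"
        return $true
    }

    # Not found. Windows updates are cumulative, so a later update may already
    # contain this fix; show the newest entries so the reader can judge that
    # against Settings > Windows Update > Update history.
    Write-Warning "$kb not found. Most recent updates recorded on this system:"
    Get-HotFix |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 5 HotFixID, Description, InstalledOn |
        Format-Table -AutoSize

    return $false
}

# Run the check; exit code 0 when the expected KB is present, 1 otherwise.
if (Test-DowngradePatch) { exit 0 } else { exit 1 }
```

Run it in an elevated or normal PowerShell window; it only reads update metadata. If the expected KB is missing but a newer cumulative update is listed, the Update history page in Settings remains the authoritative place to confirm what is installed.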

