Microsoft has released its usual monthly package of security updates, known as Patch Tuesdayfor September 2024. The company has released fixes for several versions of Windows 10, addressing critical issues and improving the overall stability of systems.
Users can download manually these updates, known by the identifier KB5043064through the Microsoft Update Catalog or wait for automatic distribution via Windows Update. It is usually possible to “force” the update procedure through manual search in the appropriate screen of the operating system Settings. The package can be installed on mainstream versions of Windows 10 22H2and on Windows 10 21H2 edizioni Enterprise LTSC 2021 e IoT Enterprise LTSC 2021. Microsoft has also released LTSC updates for versions 1507, 1607, and 1809.
Windows 10, the news and fixes of the September Patch Tuesday
Among the most significant changes introduced is a change in the behavior of User Account Control (UAC) when repairing applications using Windows Installer. Previously, UAC did not prompt for credentials in these situations, but now you will need to provide them. This may require adjustments in existing automation scripts.
Some known issues remain. Some users may experience difficulties changing their profile picture after installing the update. Additionally, devices with a Windows-Linux dual-boot setup may experience difficulties booting the open-source operating system. As we wrote about the September Windows 11 updates, these difficulties stem from the implementation of new SBAT (Secure Boot Advanced Targeting) settings aimed at blocking outdated and vulnerable boot managers. Unfortunately, in some cases, dual-boot detection does not work properly, enforcing restrictions even when they are not necessary.
Microsoft ha Support for some older versions of Windows 10, specifically 20H2 and 1909, has been discontinuedas well as non-LTSC editions of 21H2. Users of these versions are encouraged to update their systems to continue receiving essential security patches.
The September 2024 Patch Tuesday also addressed 79 security vulnerabilitiesincluding four actively exploited zero-days. These include a Windows Installer vulnerability that allowed elevation of privilege, a Mark of the Web vulnerability that bypassed security features, a Microsoft Publisher issue that bypassed macro protections in downloaded documents, and a Windows Update vulnerability that allowed remote code execution. The company also fixed seven vulnerabilities rated critical, primarily related to remote code execution and elevation of privilege.
Source: www.hwupgrade.it
