Windows 10 security bug leaves your PC vulnerable to attack: here's how to patch it

Windows 10
(Image credit: Shutterstock)

Microsoft has released an urgent patch for Windows after the US National Security Agency (NSA) discovered a critical bug in the operating system.

As part of its regular Patch Tuesday, the company issued a fix for the CVE-2020-0601 vulnerability and the NSA says that anyone running Windows 10, Windows Server 2016 or Windows Server 2019 is "strongly encouraged" to install the patch.

This is the first time the NSA has publicly taken credit for the discovery of a software vulnerability, and the agency notified Microsoft to enable it to work on a fix. It is not thought that the vulnerability has been exploited as yet, but now that details are out in the wild it is imperative that all available updates are installed to keep Windows secure.

The problem exists in the Windows CryptoAPI (Crypt32.dll), and could enable an attacker to use fake security certificates to install malware under the guise of being valid software. Experts warn the vulnerability could also be exploited to attack networks.

In a tweet, the NSA advised Windows users about the bug and encouraged them to install the patch:

Get patched

Clearly the neither the NSA nor Microsoft want to give too many details about the vulnerability. It takes times for users to install patches and updates – particularly at a business level – so there is an understandable fear that attackers might try to take advantage of unpatched systems. Acknowledging that "sophisticated cyber actors will understand the underlying flaw very quickly", the NSA deems the vulnerability to be severe.

In an advisory notice posted online, the agency said that it "recommends installing all January 2020 Patch Tuesday patches as soon as possible to effectively mitigate the vulnerability on all Windows 10 and Windows Server 2016/2019 systems". For businesses and organisations with large numbers of computers to think about, the advice is to focus on patching the most vulnerable front-facing systems.

There's no time to waste, so make sure you check for updates right now so you have all of the latest patches installed. You can do this through Microsoft's website, or by clicking the Start button and navigating to Settings > Update & Security > Windows Update.

TOPICS
Sofia Elizabella Wyciślik-Wilson
Freelance writer

Sofia is a tech journalist who's been writing about software, hardware and the web for nearly 25 years – but still looks as youthful as ever! After years writing for magazines, her life moved online and remains fueled by technology, music and nature.

Having written for websites and magazines since 2000, producing a wide range of reviews, guides, tutorials, brochures, newsletters and more, she continues to write for diverse audiences, from computing newbies to advanced users and business clients. Always willing to try something new, she loves sharing new discoveries with others.

Sofia lives and breathes Windows, Android, iOS, macOS and just about anything with a power button, but her particular areas of interest include security, tweaking and privacy. Her other loves include walking, music, her two Malamutes and, of course, her wife and daughter.

You can find her on Twitter and Mastodon.

Latest in Security
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Latest in News
Hisense U8 series TV on wall in living room
Hisense announces 2025 mini-LED TV lineup, with screen sizes up to 100 inches – and a surprising smart TV switch
Nintendo Music teaser art
Nintendo Music expands its library with songs from Kirby and the Forgotten Land and Tetris
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
The iPhone 16 Pro on a grey background
iPhone 17 Pro tipped to get 8K video recording – but I want these 3 video features instead
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game