Microsoft has uncovered loads of Windows 11 security threats – here’s what you need to do

News
By published

Windows 10 is also affected

Young woman sitting on the floor with a laptop biting nails, nervous and very anxious
(Image credit: Asier Romero / Shutterstock)

Microsoft has revealed that it has discovered several serious security vulnerabilities in Windows 11, as well as other versions including Windows 10.

The revelations came as part of January 2022’s ‘Patch Tuesday’ – the day of the month that Microsoft releases a swathe of patches to fix issues in its software.

While many of the vulnerabilities, which don’t just affect new versions of Windows, but also older versions such as Windows 8, Windows 7 and Windows Server 2019, were fixed with patches, six of the threats were highlighted as zero day threats.

While many security vulnerabilities are thankfully found and fixed before malicious users find and exploit them, zero day threats are vulnerabilities that are already out in the wild, which means they are particularly worrying.

In total, Microsoft announced the existence of 97 new exploits – which is certainly a troubling number. As a report in Forbes explains, Microsoft has limited the information about the zero day exploits to ensure it has time to address them before they are exploited. Microsoft believes that so far, there have not been any attacks using the vulnerabilities. Obviously, though, time is of the essence.

The zero day vulnerabilities are:

  • Critical - CVE-2021-22947 - Open Source Curl Remote Code Execution Vulnerability
  • Important - CVE-2021-36976 - Libarchive Remote Code Execution Vulnerability
  • Important - CVE-2022-21919 - Windows User Profile Service Elevation of Privilege Vulnerability
  • Important - CVE-2022-21836 - Windows Certificate Spoofing Vulnerability
  • Important - CVE-2022-21874 - Windows Security Center API Remote Code Execution Vulnerability
  • Important - CVE-2022-21839 - Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability (limited to Windows 10 and Windows Server 2019)

Of the 97 vulnerabilities, eight are labeled as ‘critical’, with 88 labeled as ‘important’. This means they are particularly dangerous, so users should make sure they are protected against them as soon as possible.

What should you do?

Microsoft’s warning is certainly troubling, but there’s no need to panic, as long as you take some precautionary steps. While the zero day threats are in the wild, they’ve not been used and Microsoft is actively working on fixes.

Meanwhile, it has also created patches for many of the other vulnerabilities. So, the best thing you can do right now is ensure that Windows 11 (or whichever version you have installed) is updated with the latest security patches.

They should download automatically, and If that’s the case you may see a prompt in the taskbar to restart your PC. You may also notice when you go to turn off your PC that there are options to ‘Update and restart’ and ‘Update and shut down’ – make sure you pick one of those.

You should also check to make sure there are no updates waiting for you. To do this, open up Settings and go to Windows Update > Check for Updates. If any are found, download and install them.

If you have any anti-virus or anti-malware software installed, make sure they are updated as well.

Hopefully Microsoft will continue to investigate and fix these vulnerabilities ASAP.

See more Computing News
Matt Hanson
Matt Hanson
Managing Editor, Core Tech

Matt is TechRadar's Managing Editor for Core Tech, looking after computing and mobile technology. Having written for a number of publications such as PC Plus, PC Format, T3 and Linux Format, there's no aspect of technology that Matt isn't passionate about, especially computing and PC gaming. He’s personally reviewed and used most of the laptops in our best laptops guide - and since joining TechRadar in 2014, he's reviewed over 250 laptops and computing accessories personally.

Read more
Representational image of a cybercriminal
Microsoft just patched a host of worrying security issues, so update now
A hacker wearing a hoodie sitting at a computer, his face hidden.
Microsoft patches three worrying security flaws in its latest critical update, so update now
A laptop with the Windows 11 desktop on screen, glowing, while on a work desk
Are you unable to get security updates for Windows 11 24H2? Here’s the likely reason why, and the fix to get your PC safe and secure again
Representational image of a cybercriminal
Microsoft discovers five potentially damaging attacks against its own software
Angry businessman destroying his desk and laptop with a baseball bat
New patch for Windows 11 24H2 reportedly plays havoc with File Explorer, and some folks are claiming it's broken their PC
Flag of the People's Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
Latest in Windows
A woman sitting in a chair looking at a Windows 11 laptop
It looks like Microsoft might have thought better about banishing Copilot AI shortcut from Windows 11
Using Zipped files and folders in Windows 11
Windows 11 should soon be faster at extracting files from compressed ZIPs – and it’s about time, frankly
Xbox Wireless Controller
Microsoft is adding a powerful new feature for using Xbox controllers with Windows 11
Woman disgusted by her laptop
Embarrassing Windows 11 bug that deleted Copilot app is now fixed – but will anyone outside of Microsoft care?
Student sat at a desk with a laptop in a dormitory looking at a mobile phone
Windows 11 could eventually help you understand how fast your PC is - as well as offer tips for making your PC or laptop faster for free
Windows 10
Microsoft gets into the spam game by again emailing Windows 10 users to prod them to upgrade to Windows 11 – is the nagging going too far now?
Latest in News
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Google Gemini AI
Gemini can now see your screen and judge your tabs
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
More about windows
A woman sitting in a chair looking at a Windows 11 laptop

It looks like Microsoft might have thought better about banishing Copilot AI shortcut from Windows 11
Using Zipped files and folders in Windows 11

Windows 11 should soon be faster at extracting files from compressed ZIPs – and it’s about time, frankly
ai quantization

Shadow AI: the hidden risk of operational chaos
See more latest
Most Popular
Frank Castle pinning Matt Murdock against a locker in Daredevil: Born Again episode 4
What time is Daredevil: Born Again episode 5 going to be released on Disney+?
AMD Ryzen 9950X
I analyzed 25 AMD Zen 4 and Zen 5 CPUs and the Ryzen 9 9900X is the best of them all right now: Here’s why
Ugreen \00d7 Genshin Impact Kinich Collectible Gift Box and exclusive Genshin Impact merchandise.
Ugreen reveals exclusive Genshin Impact collection and they're some of the most eye-catching charging products I've ever used
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Google Gemini AI
Gemini can now see your screen and judge your tabs
iFi iDSD Valkyrie in gold, on a beige desk
iFi's iDSD Valkyrie DAC wants to guide your music to the great hall of Valhalla
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
SDUNITED AX835-025FF mini PC
This mini PC with the incredible Strix Halo APU is yet another sign AMD may have given up on big brands for bleeding edge tech
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting