All versions of Windows hit by "critical" security vulnerabilities

Microsoft has fixed a critical security vulnerability affecting all supported versions of Windows.

The company said in a security advisory that all users of Windows 10 and earlier should patch as soon as possible to prevent attackers from exploiting a flaw in how the operating system handles graphics and fonts.

The patch fixes four separate vulnerabilities -- the worst of which could let an attacker install malware on an affected computer.

The flaw is not thought to have been actively exploited in the wild, the company said.

It's the fourth patch so far this year that's affected every supported versions of Windows. Microsoft currently patches Windows Vista and later -- including its latest operating system, Windows 10 -- but leaves millions of unsupported users of Windows XP at risk of infection.

Microsoft said it had issued eight bulletins in total, patching dozens of vulnerabilities in Windows and Office 2007 and later. Two of those patches include fixes for Internet Explorer and its newer browser, Microsoft Edge for Windows 10.

May's patches will be available through the usual update channels.

Security

Do you need antivirus on Linux?

6 ways to protect yourself from getting scammed online, by phone, or IRL

The best VPN free trials for 2024

8 habits of highly secure remote workers

How to find and remove spyware from your phone

• Do you need antivirus on Linux?
• 6 ways to protect yourself from getting scammed online, by phone, or IRL
• The best VPN free trials for 2024
• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone