The reason they’re being included in this particular update is the fact that a hacking collective known as the Shadow Brokers recently released knowledge of a collection of critical “zero-day” exploits, including a number culled from the NSA’s hacking arsenal.
The update seeks to provide a measure of protection for all Windows Operating Systems, including those whose official support has ended. This is a clear sign of just how serious these exploits are, and how seriously the company takes them.
Any one of these exploits could be used by a skilled hacker to take full control of your PC, remotely.
The fix also includes a patch to address SMB vulnerabilities, like the ones exploited in the recent, global “Wannacry” ransomware attack.
The patch also seeks to address the “LNK RCE” vulnerability, which is an exploit that takes advantage of how Windows handles LNK desktop shortcuts, which could allow code to be executed remotely if the icon in question is properly crafted.
According to the researchers behind the latest fix, “The attacker could present the user a removable drive or remote share that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive (or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system.”
Security professionals may recognize this, and there’s a good reason for it. This is exactly how the Stuxnet worm operates, which is one of the most devastating worms ever to be devised.
Bottom line: this is a patch you’re not going to want to miss.