Microsoft has released its monthly security and quality updates for Windows 10 and Windows 11 on February 13, 2024. These updates include fixes for 73 vulnerabilities, two of which are actively exploited zero-days, as well as new features and improvements for Windows 11. Here are some of the highlights of the February 2024 Windows updates:
Security Fixes
The most critical security issue addressed in this patch cycle is CVE-2024-21412, a security feature bypass vulnerability in the way Windows handles Internet Shortcut Files. This flaw could allow an attacker to execute arbitrary code on a target system by tricking a user into opening a malicious shortcut file. Microsoft says this vulnerability is being exploited in the wild, so it is recommended to apply the update as soon as possible.
Another zero-day vulnerability fixed in this patch cycle is CVE-2024-21413, a remote code execution vulnerability in the Windows TCP/IP stack. This flaw could allow an attacker to send specially crafted packets to a target system and execute code with elevated privileges. Microsoft says this vulnerability is also being exploited in the wild, and it affects both Windows 10 and Windows 11.
Other notable security fixes include:
- CVE-2024-21414, a remote code execution vulnerability in the Windows Print Spooler service. This flaw could allow an attacker to execute code with system privileges by sending a malicious print job to a vulnerable printer. This vulnerability is similar to the infamous PrintNightmare bug that was disclosed last year.
- CVE-2024-21415, a privilege escalation vulnerability in the Windows Installer service. This flaw could allow an attacker to elevate their privileges by exploiting a race condition in the way the service handles file operations.
- CVE-2024-21416, a denial of service vulnerability in the Windows Kernel. This flaw could allow an attacker to cause a system crash by sending a specially crafted IOCTL request to a vulnerable device driver.
- CVE-2024-21417, an information disclosure vulnerability in the Windows Kernel. This flaw could allow an attacker to read the contents of kernel memory by exploiting a memory leak in the way the kernel handles certain system calls.
Feature Updates
In addition to the security fixes, the February 2024 update also brings some new features and improvements for Windows 11 users. These include:
AI-powered desktop organization: Windows 11 now uses artificial intelligence to automatically arrange your desktop icons and windows based on your usage patterns and preferences. You can also customize the layout and appearance of your desktop with the new Desktop Personalization settings.
Bing search opt-out: Windows 11 users in the European Union can now disable Bing as the default search engine in Windows Search. This option is available in the Search Settings page, under the More Details section. You can also uninstall Microsoft Edge from your system if you prefer another browser.
Notepad updates: Notepad has received some enhancements, such as support for dark mode, auto-save, and multi-line find and replace. You can also access Notepad from the Power Menu by pressing Win+X and selecting Notepad from the list.
Accessibility improvements: Windows 11 has improved its accessibility features, such as Narrator, Magnifier, and Eye Control. You can now use Narrator to read web pages and PDF documents, Magnifier to zoom in and out with the mouse wheel, and Eye Control to navigate the system with your eyes.
Other changes: Windows 11 has also made some minor changes, such as adding a new emoji panel, updating the Start Menu design, and removing the watermark from the desktop.
