An emergency update to Windows fixes security flaws, including two zero-day


As part of the February 2024 Patch Tuesday Update, Microsoft released a fix that addresses 73 security flaws across its entire product lineup, from Windows to Office.

According to Microsoft's support documentation, five of these 73 vulnerabilities are rated "critical," while the remaining vulnerabilities all have Common Vulnerability Scoring System (CVSS) scores of 5 or higher. While most of these security flaws have not yet been exploited in cyber attacks, the two zero-day vulnerabilities that Microsoft has patched are being actively exploited by hackers.

According to The Hacker News, in addition to updating Windows, you should also install the latest version of Microsoft Edge, as 24 flaws have been patched since the Patch Tuesday update release last month.

Here's what you need to know about the latest Patch Tuesday Update and why you should install it now, along with tips on how to protect your PC from hackers.

In most cases, the likelihood of many of these flaws being exploited by hackers is not very high, but there are four that Microsoft believes could be used in potential attacks. These include a flaw in Microsoft Office, a flaw in Outlook, a flaw related to Windows kernel drivers, and a flaw in the Windows kernel itself. However, it is the two zero-days being patched that are actually worth worrying about.

The first zero-day (tracked as CVE-2024-21351) is a bypass of the Windows SmartScreen security feature, which has a CVSS score of 7.6 out of 10. This vulnerability can be exploited by hackers to inject code into SmartScreen and potentially leak data. However, in order for an attacker to use this flaw in an attack, they must first send a malicious file to a potential victim and get them to open it.

The second zero-day (tracked as CVE-2024-21412) is a bypass of the Internet Shortcut Files security feature with a CVSS score of 8.1 out of 10. It is more dangerous because it can be used by unauthenticated attackers to send specially crafted files to potential victims, bypassing the security checks that would normally be displayed. However, as with the other zero-day in this Patch Tuesday update, the hacker who exploits it needs to convince the victim to click on a link in the file for the attack to work.

According to a blog post by Malwarebytes, both of these zero-day exploits affect Microsoft's Mark of the Web (MOTW) technology, which causes Windows to display a pop-up warning message when users attempt to open files downloaded from the Internet. If this pop-up is not displayed, Windows users may end up installing dangerous software on their PCs that they did not authorize.
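To make the MOTW mechanism concrete, here is an added example (not from the article, Microsoft or Malwarebytes) that audits whether downloaded files still carry their mark. It relies on a Windows fact the article does not state: the mark is stored in an NTFS alternate data stream named `Zone.Identifier`, whose `ZoneId` value records the origin zone (3 = Internet). The function names and sample strings are hypothetical and constructed for illustration.

```python
import configparser

# ZoneId values Windows writes into the Zone.Identifier stream.
ZONES = {0: "local machine", 1: "local intranet", 2: "trusted sites",
         3: "internet", 4: "restricted sites"}

def read_motw(path):
    """Return the Zone.Identifier stream text, or None if the file has no mark.
    Only NTFS on Windows has the stream; elsewhere this always returns None."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as fh:
            return fh.read()
    except OSError:
        return None

def motw_status(stream_text):
    """Classify a file from its stream text: the zone name, 'no-motw' when the
    mark is absent (no download warning would appear), or 'malformed'."""
    if stream_text is None:
        return "no-motw"
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    try:
        parser.read_string(stream_text.lstrip("\ufeff").replace("\r\n", "\n"))
        zone = int(parser["ZoneTransfer"]["zoneid"])  # option names are lower-cased
    except (configparser.Error, KeyError, ValueError):
        return "malformed"
    return ZONES.get(zone, "malformed")

def audit(streams):
    """Map {file name: stream text or None} to the names that deserve a look:
    files with a missing or unparseable mark."""
    return sorted(name for name, text in streams.items()
                  if motw_status(text) in ("no-motw", "malformed"))

# Constructed samples: a normal browser download, an unmarked file, a damaged mark.
SAMPLE_STREAMS = {
    "invoice.url": "[ZoneTransfer]\r\nZoneId=3\r\nHostUrl=https://example.test/invoice.url\r\n",
    "setup.exe": None,
    "notes.docx": "[ZoneTransfer]\r\nZoneId=abc\r\n",
}

if __name__ == "__main__":
    for name, text in SAMPLE_STREAMS.items():
        print(f"{name}: {motw_status(text)}")
    print("review:", audit(SAMPLE_STREAMS))
```

On a Windows machine, `motw_status(read_motw(path))` gives the same classification for a real file.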

As with the best MacBooks, the easiest way to protect your Windows laptop from hackers is to install updates as soon as they become available. This may be a bit inconvenient, but hackers love to target devices that have not been updated despite the availability of fixes.

Here's how to update Windows 11 and here's how to update Windows 10. But often, when a major update becomes available, Windows downloads it in the background and applies it the next time you reboot your PC.

Microsoft Defender may be sufficient for your new laptop, but if you want additional protection, you may want to use one of the best antivirus software solutions in parallel. Similarly, using one of the best password managers will help protect your online accounts while preventing password reuse.

If you use one of the best Windows laptops, it is worth noting that Microsoft's Patch Tuesday Update is released on the second Tuesday of every month. That way, you can plan your work around the updates so that you are not interrupted while doing something important.
