Microsoft Quietly Patches Security Holes in Windows 10

Last Edited: October 7, 2017 | Published: October 7, 2017 by

Microsoft Quietly Patches Security Holes in Windows 10

Leaves Windows 7 and Windows 8 Out in the Cold

Microsoft has been quietly patching security holes and bugs in Windows 10. Unfortunately, they don’t seem to be doing the same with the other two operating systems they are supposed to be supporting. While they are working to kill the bugs in the Windows 10, Windows 7 and Windows 8 aren’t receiving these same updates, even though they suffer from the same security threats.

The company has been cleaning up many of these bugs in Windows 10 with each major update, including the Anniversary Update and the Creator’s Update. However, sealing these bugs doesn’t seem to be coming to Windows 7 and Windows 8, at least not as quickly. In some cases, it isn’t happening at all.

This comes from Google’s Project Zero team, and they have publicly blogged about it. This means that if they didn’t already know, the hackers are now aware of the security flaws in these older systems.

The major fear with this is that there are still many systems out there both in people’s homes and in many businesses around the world that still use Windows 7 and Windows 8. If hackers figure out the flaws, they could use them to exploit the systems, spy on the users, or even steal valuable personal data.

“Microsoft is known for introducing a number of structural security improvements and sometimes even ordinary bug fixes only to the most recent Windows platform,” Google Project Zero researcher Mateusz Jurczyk said on Thursday.

“This creates a false sense of security for users of the older systems, and leaves them vulnerable to software flaws which can be detected merely by spotting subtle changes in the corresponding code in different versions of Windows.”

While it’s not realistic to expect even Microsoft to support older software indefinitely, almost half the systems out there right now are Windows 7 and 8, not Windows 10. This means there are a lot of computers out there that are vulnerable, and with the methods Microsoft is using, attackers are even made aware of where to concentrate their attacks. This is counterintuitive to user security.

Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible,” a Microsoft told The Register.

“Additionally, we continually invest in defense-in-depth security, and recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”

What does that mean to end users? Since Microsoft Edge is only available for Windows 10, it sounds like they want you to leave Windows 7 and Windows 8 behind and upgrade to Windows 10. In the end, that means nothing and does nothing to answer the question or address the problem.

While Microsoft says they are committed to security, it seems they are a little loose with security on their older software platforms. For the best security, you are going to have to upgrade to Windows 10. Nice answer Microsoft. If you don’t, then be extra careful when you use your system. Who knows if these important updates have reached your system or not.

About the author

Matt Garrett

Matt is an IT professional with over fifteen years experience supporting network infrastructure and computers. An avid gamer, Matt enjoys his time playing and writing about his experiences both in the IT world and in the gaming communities. You can find more of his writing for LaptopNinja where he enjoys talking about everything tech.

See all posts from Matt Garrett