January Windows 10 'Patch Tuesday' updates roll out, fix important security flaw
No more spoofing for you.
What you need to know
- January's Windows 10 "Patch Tuesday" updates are now rolling out.
- All supported versions of Windows 10 will receive updates.
- This month's releases include a fix for an important security flaw.
It's the second Tuesday of the month, which means it's time for another round of "Patch Tuesday" updates for Windows 10. Like previous Patch Tuesday releases, these cumulative updates don't contain any new features. Rather, the focus is on security and reliability improvements across the board.
This month, Microsoft has also shipped a fix for an important security vulnerability. According to Microsoft's security guidance on the flaw, the flaw could allow an attacker to conduct man-in-the-middle attacks and get their hands on confidential information.
"An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source," Microsoft says in its security guidance. "The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider."
For PCs running Windows 10 versions 1909 and 1903, the release notes include the following:
- Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Storage and Filesystems, the Microsoft Scripting Engine, and Windows Server.
Windows 10 version 1809, meanwhile, will receive the following updates:
- Addresses an issue to support new SameSite cookie policies by default for release 80 of Google Chrome.
- Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Virtualization, the Microsoft Scripting Engine, and Windows Server.
For Windows 10 versions 1803 and earlier, you'll see a similar set of security updates, with the release notes noting the following:
- Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Virtualization, the Microsoft Scripting Engine, and Windows Server.
Each of these updates is available now via Windows Update for anyone running supported versions of Windows 10. For more, you can check out Microsoft's full release notes for each version at the Windows 10 support site.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl.