By Davey Winder, Senior Contributor.

It’s hard being a Windows user sometimes, what with the constant flow of security alerts concerning everything from ancient protocols to brand new vulnerabilities that hackers are using in attacks. The good news is that Microsoft issues security updates for all users, even those of the now unsupported Windows 10 operating system, if you know how to sign up for them. The bad news is that security updates can cause problems as well as solve them. The even worse news is that hackers have been employing fake Windows security updates as part of a ClickFix cyberattack campaign. Here’s what you need to know.

Security experts at Huntress have confirmed that hackers employing the ClickFix malware have been using fake Windows security updates in their attacks.

ClickFix is a type of social engineering technique that tricks users into running malicious commands on their own machines, typically using fake fixes or I-am-not-a-robot prompts. These types of attacks have surged over the past year, with both government-sponsored spies and cybercriminal gangs deploying this technique to deliver malware. The irony is that Microsoft itself has already warned that ClickFix is the most often used method of gaining initial access, “accounting for 47 percent of attacks” observed in Microsoft Defender notifications.