Security update KB3185848 addresses Microsoft Graphics Component vulnerabilities in Windows 10

Reading time icon 2 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

During this month’s Patch Tuesday, Microsoft released a handful of updates for all supported versions of Windows. Most of these updates are security bulletins that came bundled in various cumulative updates. One of these security updates is update KB3185848.

This security bulletin addresses vulnerabilities found in Microsoft Graphics Component, like code execution  privilege escalation, and information disclosure. If exploited, these vulnerabilities can give an attacker a full control over a user’s computer.

In plain English, if an attacker ‘smells’ this vulnerability, he can break into your computer, create user accounts, install programs, and access all your information. Microsoft warns that a ‘victim’ can be affected by opening a malicious site, or a document.

What’s interesting in this case is that the critical code execution vulnerability is only present in Windows 10 version 1607 (the Anniversary Update), where KB3185848 is listed as a critical patch, and is available as apart of cumulative update KB3189866 . For all other versions of Windows, this update is listed as Important.

“The security update addresses the vulnerabilities by correcting how certain Windows kernel-mode drivers and the Windows Graphics Device Interface(GDI) handle objects in memory and by preventing instances of unintended user-mode privilege elevation.”

So, if you’re running Windows 10 version 1607, we highly recommend downloading cumulative update KB3189866. To download this patch, simply go to the Settings app > Updates & security, and check for updates. In case you have problems installing the update, and some people do, download it manually, and you shouldn’t have any problems.

For more information about this security bulletin, check out TechNet’s support page.

RELATED STORIES YOU NEED TO CHECK OUT:

More about the topics: Windows Update