Security update KB3185848 addresses Microsoft Graphics Component vulnerabilities in Windows 10

by Ivan Jenic
Ivan Jenic
Ivan Jenic
Troubleshooting Expert
Passionate about all elements related to Windows and combined with his innate curiosity, Ivan has delved deep into understanding this operating system, with a specialization in drivers and... read more
Published on
Affiliate Disclosure
XINSTALL BY CLICKING THE DOWNLOAD FILE
To fix Windows PC system issues, you will need a dedicated tool

SPONSORED

Fortect is a tool that does not simply clean up your PC, but has a repository with several millions of Windows System files stored in their initial version. When your PC encounters a problem, Fortect will fix it for you, by replacing bad files with fresh versions. To fix your current PC issue, here are the steps you need to take:
  1. Download Fortect and install it on your PC.
  2. Start the tool's scanning process to look for corrupt files that are the source of your problem
  3. Right-click on Start Repair so the tool could start the fixing algorythm
  • Fortect has been downloaded by 0 readers this month, rated 4.4 on TrustPilot

During this month’s Patch Tuesday, Microsoft released a handful of updates for all supported versions of Windows. Most of these updates are security bulletins that came bundled in various cumulative updates. One of these security updates is update KB3185848.

This security bulletin addresses vulnerabilities found in Microsoft Graphics Component, like code execution  privilege escalation, and information disclosure. If exploited, these vulnerabilities can give an attacker a full control over a user’s computer.

In plain English, if an attacker ‘smells’ this vulnerability, he can break into your computer, create user accounts, install programs, and access all your information. Microsoft warns that a ‘victim’ can be affected by opening a malicious site, or a document.

What’s interesting in this case is that the critical code execution vulnerability is only present in Windows 10 version 1607 (the Anniversary Update), where KB3185848 is listed as a critical patch, and is available as apart of cumulative update KB3189866 . For all other versions of Windows, this update is listed as Important.

“The security update addresses the vulnerabilities by correcting how certain Windows kernel-mode drivers and the Windows Graphics Device Interface(GDI) handle objects in memory and by preventing instances of unintended user-mode privilege elevation.”

So, if you’re running Windows 10 version 1607, we highly recommend downloading cumulative update KB3189866. To download this patch, simply go to the Settings app > Updates & security, and check for updates. In case you have problems installing the update, and some people do, download it manually, and you shouldn’t have any problems.

For more information about this security bulletin, check out TechNet’s support page.

RELATED STORIES YOU NEED TO CHECK OUT:

This article covers:Topics: