
Microsoft’s July Patch Tuesday has just fixed a record 570 flaws in Windows – the largest update in the program’s history, beating June’s previous record of just over 200. Three of the flaws are zero-days that were already being actively exploited or publicly disclosed before the fix landed, and 59 bugs are rated “critical”.
For a small or medium business, this isn’t just a number to skim past. Most of the fixes fall into a handful of dangerous categories: 145 remote-code-execution flaws (letting an attacker run malicious code on a machine from outside), 254 elevation-of-privilege flaws (letting malware or an intruder gain admin-level control), and 102 information-disclosure flaws (exposing data that should stay private). Any one of these, left unpatched on a work PC or server, is a way in for ransomware or data theft.
The businesses most at risk are the ones that delay updates – waiting for a “convenient time”, disabling auto-updates to avoid interruptions, or running older, unsupported versions of Windows. Attackers specifically target the gap between a patch being released and it actually being installed, because that’s when the flaw becomes public knowledge but many systems are still exposed.
What to do this week
- Update every Windows device – PCs, laptops, and especially servers – as soon as possible, don’t leave it to run overnight “eventually”.
- Check your update settings – make sure automatic updates are actually turned on across the business, not just on the machines IT staff use personally.
- Reboot after patching – many of these fixes only take effect once the machine restarts, so a downloaded-but-not-installed update gives no protection.
If you manage IT yourself and aren’t confident every device in your business is covered, this month’s update is a good reason to check.
