We don't have a thread to notify people of urgent patches, or at least not that I could find, so I figured I would start one. Other people who know about such things, feel free to reply in this thread.
I got sent notice from 2-3 sources today that this one is very high priority to apply:
https://www.forbes.com/sites/daveywinder/2020/01/15/us-government-issues-critical-windows-10-update-now-alert/https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
The vuln is particularly bad for anyone who runs with admin rights, and it's a remote exploit, from what I can see. The NSA decided this was bad enough that they didn't want to weaponize it (!) and rather would have it fixed.
The patch is KB4532938 in Windows Update, I believe, so that's the thing to make sure you have applied.
I got sent notice from 2-3 sources today that this one is very high priority to apply:
https://www.forbes.com/sites/daveywinder/2020/01/15/us-government-issues-critical-windows-10-update-now-alert/https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
The vuln is particularly bad for anyone who runs with admin rights, and it's a remote exploit, from what I can see. The NSA decided this was bad enough that they didn't want to weaponize it (!) and rather would have it fixed.
The patch is KB4532938 in Windows Update, I believe, so that's the thing to make sure you have applied.