Do you have any idea what the Windows Update downgrade attack is? How might this attack affect your computer? Is it possible to alleviate or fix Windows Update downgrade attack? Now check out this MiniTool guide for detailed information.

Overview of Windows Update Downgrade Attack

Internet enthusiasts may have noticed that a recent event focusing on cybersecurity, the Black Hat Conference, was held. What attracted widespread attention at the conference was that researchers from SafeBreach revealed a Windows update downgrade attack, also known as a version-rollback attack. According to the SafeBreach report, it is an attack that restores immune, fully up-to-date software to an older version, which may have serious impacts on computer system components, software, files, etc.

Specifically, this means that malicious actors can manipulate Windows Update and downgrade DLLs, drivers, and even critical operating system components such as the NT kernel. This renders all installed patches that have been thoroughly researched and released to address or fix Windows security vulnerabilities ineffective. In the process, system administrative privileges can be elevated and security features can be bypassed.

According to SafeBreach’s practice, after attempting a Windows Update downgrade attack, the Windows system did not recognize that there was a newer version of the security update available but instead reported that the system was already the latest version. In addition, neither the recovery nor the scanning tools could detect that the system had been infected by a Windows Update downgrade attack.

In short, this attack may cause serious harm to the computer and lead to bad consequences such as data leakage.

For more detailed investigation information, you can refer to the report from SafeBreach: Windows Downgrade Attacks via Windows Update.

Two Common Vulnerabilities and Disclosures Published by Windows

Microsoft has not yet released an update or patch to fully fix or mitigate the vulnerability in response to this attack. Fortunately, it has released two CVEs (CVE-2024-38202 and CVE-2024-21302) to reduce the risk of exploitation. If you are interested in them, you can visit the following websites and take appropriate action according to the instructions.

Related operational recommendations include configuring the Audit Object Access setting, auditing users with permissions to perform backup and restore operations, implementing access control lists, etc.

How to Fix BitLocker Recovery Screen After KB5040442 Installation
How to Fix BitLocker Recovery Screen After KB5040442 Installation

Does your PC boot into the BitLocker recovery screen after KB5040442 security update? Here is a feasible workaround.

Read More

Common Measures to Prevent Computer Attacks

In daily computer use, what methods can be used to prevent the system from downgrade attacks or other attacks? Here are some recommendations:

  • Do not download applications or software from risky sources or websites to avoid unexpected risks.
  • Use network security measures such as Windows Firewall to monitor and filter network traffic to protect the system.
  • Do not access suspicious links or compressed files at will.
  • Although a Windows Update downgrade attack may roll back installed Windows updates, you should still keep your computer up to date. This will not only help prevent viruses and malware from invading your computer but will also help improve computer performance.
  • Regularly back up important files on your computer to an external hard drive to protect data. Recommended professional data backup software includes MiniTool ShadowMaker, etc.

MiniTool ShadowMaker TrialClick to Download100%Clean & Safe

Further Reading:

Computer attacks often put your data at risk. If you need to recover deleted or lost data on a Windows computer, you can use MiniTool Power Data Recovery. It serves as the most secure and reliable data recovery software that helps recover diverse files without bringing any damage to the original data. This software provides you with a free edition that supports free download, free disk scanning, free file preview, and 1 GB of free data recovery. If necessary, you can download it and have a try.

MiniTool Power Data Recovery FreeClick to Download100%Clean & Safe

How to Recover Files Deleted by McAfee With Ease
How to Recover Files Deleted by McAfee With Ease

In this comprehensive tutorial, you will learn how to recover files deleted by McAfee antivirus on Windows with ease.

Read More

Bottom Line

In summary, this article provides a brief introduction to the Windows Update downgrade attack, including what it is and how it can affect your computer. In addition, it describes some general precautions for computer security prevention.

  • linkedin
  • reddit

About The Author

Shirley
Shirley

Position: Columnist

Shirley graduated from English major and is currently an editor of MiniTool Team. She likes browsing and writing IT-related articles, and is committed to becoming a professional IT problem solver. The topic of her articles are generally about data recovery, data backup, and computer disk management, as well as other IT issues. In spare time, she likes watching movies, hiking and fishing.