The latest Patch Tuesday update, rolling out now to both Windows 10 and 11, addresses a zero-day vulnerability that’s being actively exploited in the wild. Your machine might have been updated already — if not, apply the December 13th patch via Windows Update ASAP (Start > Settings > Update & Security > Windows Update).

According to Bleeping Computer, the zero-day vulnerability allowed attacks via JavaScript files that could bypass Windows’ standard security alerts for downloading executable files. This in turn would let an attack evade Microsoft Office’s Protected View system. The attack would rely on basic phishing techniques, requiring the user to open a specific file or access an infected website, after which the Magniber ransomware can be installed and encrypt user files remotely.

Various security researchers have observed this vector being used to install malware on the web via the Javascript vulnerability, so this is an active threat. Campaigns have been specifically targeting email data for banking and other financial institutions to be used in follow-up attacks. The issue addressed is labeled “CVE-2022-44698” in Microsoft’s bug tracking system. CVE-2022-44710, another zero-day issue which isn’t known to be a threat in the wild, was also patched.