While browsing the internet, Karl is alerted by a pop-up message informing him that Windows has detected a vulnerability in his computer and that he needs to install a critical update. The pop-up also contains a link that reads, “Download Windows Security Update Pack: 19.0021.” What should Karl do?

Don’t click the link. That pop-up is almost certainly fake (scareware) and trying to get you to download malware.

What to do right now
- Close the pop-up/browser tab. If it won’t close, end the browser process in Task Manager (Ctrl+Shift+Esc) and reopen the browser.
- Never follow update links in random web pop-ups. Microsoft delivers updates via Windows Update (Settings > Update & Security > Windows Update), not through a “Windows Security Update Pack: 19.0021” pop-up. Real Windows updates use KB numbers, not random product-like names.

Follow-up checks
1. Manually check for legitimate updates: Settings > Update & Security > Windows Update > Check for updates, and install anything offered there.
2. Scan for malware: run your antivirus and an on-demand scanner (for example Malwarebytes) and do a full system scan.
3. Clear browser data and extensions: remove unknown extensions, clear cache and cookies, and consider resetting the browser.
4. If you downloaded or ran the file: disconnect from the network, run full AV/antimalware scans, consider using System Restore from a restore point made before the event, and if you suspect compromise, restore from backup or reinstall Windows. Change important passwords from a different, clean device.

How to spot these scams
- Urgent pop-ups claiming your PC is “infected” or “vulnerable.”
- Non-Microsoft domains or weird product/version names (hover over links to see the URL).
- Microsoft does not send critical updates via random browser pop-ups.

If you need, tell me which Windows version you’re on and whether you clicked or downloaded anything — I can give specific cleanup steps.