I don't mean to come off rude, but come on? A look at your code and you clearly don't see anything wrong?
A) No
Parameters are being used to protect you against
SQL injection and cross scripting etc. . .
B) Knowing the difference between using the basic fundamental symbols of the language you are writing in is a must.
+ VS &
C) Basic knowledge of
MySQL is imperative to know what you are doing. In your case; you don't. . .
Dim Query As String = "Update YourDB.my_table_name SET Value1=@V1, Value2=@V2 Where Value3=@Condition;"
Parameters.AddWithValue("@V1", "Value Of 1")
Parameters.AddWithValue("@V2", "Value Of 2")
Parameters.AddWithValue("@Condition", 0)
Then Executenonquery() to initiate your action on your command.
You can see further explanation on MySQL covered in this
Answer, also answered by me. I hope it helps get you started in the right direction. But you are going to have to do some research and study the basics before going further with this.