Updated June 29 with details of a restart loop impacting some Windows 11 users.
Timing is crucial for millions of Microsoft Windows users with a fast-approaching July 4 deadline to update their systems.
Recently, a patched Windows vulnerability resurfaced. Microsoft suggested no known exploits for CVE-2024-26169, but Symantec’s security researchers indicated otherwise, finding "some evidence" of attackers exploiting it before patching.
Last month, U.S. government agencies, including CISA and the FBI, issued a Cybersecurity Advisory. They warned that “Black Basta affiliates have impacted a wide range of businesses and critical infrastructure in North America, Europe, and Australia," affecting over 500 organizations globally as of May 2024.
Black Basta, a Ransomware-as-a-Service (RaaS) group, has targeted 12 out of 16 critical infrastructure sectors, including Healthcare and Public Health. The group has also impacted major companies like Hyundai, Rheinmetall, Capita, and ABB.
Symantec suggests that the Cardinal cybercrime group, operating the Black Basta ransomware, exploited the privilege escalation vulnerability in Microsoft’s Windows Error Reporting Service for weeks before it was patched in March.
CISA has added CVE-2024-26169 to its Known Exploit Vulnerability (KEV) catalog, highlighting its use in ransomware campaigns and mandating updates or shutdowns of all Windows systems by July 4. This mandate applies to US federal agencies, but CISA strongly urges all organizations to prioritize timely remediation to reduce cyberattack risks.
Black Basta has generated over $100 million in ransomware payments, making it crucial for organizations to follow CISA’s July 4 update mandate. While this specific issue is less relevant to personal users, updating your system immediately is recommended.
Since the article's initial publication, an unexpected restart loop has impacted some Windows 11 users installing June’s Windows 11 KB5039302. Microsoft has warned that “after installing updates released June 26, 2024 (KB5039302), some devices might fail to start,” advising that “affected systems might restart repeatedly and require recovery operations to restore normal use.”
Despite these headlines, proceed to update as usual. KB5039302 is not a mandatory or security update, and home users are less likely to be affected by the new issue, which primarily impacts enterprise machines running virtual machine tools and nested virtualization features. The security patch resolving the Microsoft Windows Error Reporting Service vulnerability was released before June’s update, so urgency remains.
Looking ahead, a significant issue for Windows home users is the October 14, 2025, end-of-life deadline for Windows 10. Microsoft is urging users to upgrade to Windows 11, with 70% of users yet to make the switch. When Windows 10 goes end-of-life, it will no longer receive security updates, posing a significant risk for users unwilling to upgrade or pay a new annual fee.
Microsoft advises all Windows 10 users to upgrade their PCs before October 14, 2025, to avoid losing technical support and security updates, ensuring the security and functionality of their systems.
more information, click here.
Post a Comment for "Update Your Microsoft Windows PC by July 4 Deadline"