Topic: Microsoft Update Warning—70% Of All Windows Users Now At Risk

Offline javajolt

Updated August 5 with US government’s new warning for Windows users.


This is dangerous—70% of all Windows users face an impending security nightmare. (Image: NurPhoto via Getty Images)

This has not been a good few weeks for Microsoft. Fresh from the Recall recoil, CrowdStrike struck, with various ups and downs with Copilot momentum in between. But the constant throughout has been an impending security nightmare for the vast majority of its Windows users, now just months away.

We’re talking Windows 10, of course, and the staggeringly painful campaign to warn hundreds of millions of holdouts that they need to upgrade to Windows 11. Back in June, I reported on the latest Microsoft nag—a full-screen warning that “end of support for Windows arrives on October 14, 2025; this means your desktop won’t receive technical support or security updates after that date.”

If there was any doubt as to the real danger in leaving Windows unprotected, then Monday’s US government warning should quickly change minds. A 2018 Windows vulnerability has been added to its Exploited Vulnerability (KEV) catalog. “Microsoft COM for Windows,” CISA warns, “contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution.”

Users have been given until August 26 to patch or cease using Windows systems. Clearly, this 2018 vulnerability does not impact Windows 11, nor any other Windows system updated in the last six years. The Windows 10 risk, though, is real.

The prompt for CISA’s warning appears to be an August Cisco Talos report claiming that a Chinese hacking group with links to the country’s Ministry of State Security may have successfully exploited CVE-2018-0824 as part of an attack on a government research center in Taiwan. The center was “likely compromised,” Talos says.

“APT41 is a prolific and dangerous threat actor that all users and cybersecurity practitioners should be keeping track of,” Talos warns. “APT41 created a tailored loader to inject a proof of concept for CVE-2018-0824, a remote code execution vulnerability in Microsoft COM for Windows, directly into memory to achieve local privilege escalation… Users should ensure all Windows systems are up to date to the latest version to protect against this vulnerability.”

Windows 10 vs Windows 11, July 2023-July 2024 (Chart: Statcounter)

This is a good example as to why the prospect of hundreds of millions of Windows users heading towards end-of-support is a security nightmare. Maybe, just maybe, users are now starting to listen—albeit not enough, not nearly fast enough. As Windows specialist Neowin has just reported, “in July 2024, Windows 11 hit an important milestone: for the first time since its launch in October 2021, the operating system crossed the 30% market share mark.” Just. With the latest stats from Statcounter showing better than 7% year-over-year growth for Windows 11.

But that means that more than twice as many Microsoft Windows users are still not using Windows 11 than those that are. Even now. Three years post-launch.

Windows 11 isn’t at all new, and all those converts and non-converts know its pros and cons; so setting aside a Copilot AI-driven boost, the question is whether this is a trend or a blip. Certainly, when you look at Statcounter’s Windows 10 chart decline over the last year (above), the line chart is not something you could ski down. Similarly, Windows 11 growth is an easy stroll up a gentle slope, to put it mildly.

And so, while it’s clearly good news that there’s some movement, the reality looks worrying. There will be some accelerated shifting to Windows 11 in the coming months ahead of their October 2025 end-of-life, and there will be some companies and home users (when it’s available) taking up extended paid support. But there will also be many millions of users coming off support and taking the risk. With plenty of headlines fueling the reluctance, this problem isn’t going away (1,2,3).

Given the experience of recent weeks, with those global images of blue screens of death all around, come next October, this could be a hackers’ paradise for some time at least. The other factor that will play will be bad actors taking advantage of the bad situation and mailing out scam after scam to target worried Windows 10 users.

Expect to see plenty of that through 2025.
