{"id":116023,"date":"2024-10-19T17:39:56","date_gmt":"2024-10-19T10:39:56","guid":{"rendered":"https:\/\/hotvideos24.online\/?p=116023"},"modified":"2024-10-19T17:39:56","modified_gmt":"2024-10-19T10:39:56","slug":"microsoft-windows-deadline-10-days-to-update-or-stop-using-your-pc","status":"publish","type":"post","link":"https:\/\/hotvideos24.online\/?p=116023","title":{"rendered":"Microsoft Windows Deadline\u201410 Days To Update Or Stop Using Your PC"},"content":{"rendered":"<p> <script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<figure class=\"embed-base image-embed embed-0\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">Government issues updates now warning for Microsoft Windows users.<\/p>\n<p><\/fbs-accordion><small>SOPA Images\/LightRocket via Getty Images<\/small><\/figcaption><\/figure>\n<p>Here we go again. What was described as a \u201c<a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/07\/27\/microsoft-windows-10-windows-11-warning-millions-must-update-by-july-30\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/07\/27\/microsoft-windows-10-windows-11-warning-millions-must-update-by-july-30\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/07\/27\/microsoft-windows-10-windows-11-warning-millions-must-update-by-july-30\/\" aria-label=\"previously unknown\" rel=\"noopener\">previously unknown<\/a>\u201d threat just three months ago has now prompted a third warning from the US government to update or stop using PCs. By exploiting old code buried under the covers of today\u2019s Windows systems, <a href=\"https:\/\/www.sevcosecurity.com\/sevco-research-organizations-blind-to-windows-mshtml-platform-spoofing-vulnerability-cve-2024-38112-in-1-out-of-10-endpoints\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.sevcosecurity.com\/sevco-research-organizations-blind-to-windows-mshtml-platform-spoofing-vulnerability-cve-2024-38112-in-1-out-of-10-endpoints\/\" data-ga-track=\"ExternalLink:https:\/\/www.sevcosecurity.com\/sevco-research-organizations-blind-to-windows-mshtml-platform-spoofing-vulnerability-cve-2024-38112-in-1-out-of-10-endpoints\/\" aria-label=\"it has quickly become clear that\">it has quickly become clear that<\/a> \u201ca significant percentage of Windows devices are fully exposed and at risk of being taken over by attackers.\u201d<\/p>\n<p>The latest vulnerability is CVE-2024-43573, which <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" data-ga-track=\"ExternalLink:https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" aria-label=\"the US cyber agency\">the US cyber agency<\/a> warns is \u201can unspecified spoofing vulnerability which can lead to a loss of confidentiality.\u201d It has mandated all federal employees to \u201capply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable\u201d by October 29. In other words, update your PC within the next ten days, or stop using it until you can.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-4\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/googles-new-play-store-warning-for-pixel-9-pro-samsung-galaxy-s24-android-users\/\" target=\"_blank\" aria-label=\"New Google Play Store Warning\u2014Apps Will Be Disabled In Next 10 Weeks\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/googles-new-play-store-warning-for-pixel-9-pro-samsung-galaxy-s24-android-users\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">New Google Play Store Warning\u2014Apps Will Be Disabled In Next 10 Weeks<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Zak Doffman<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/914596234\/960x0.jpg?cropX1=103&amp;cropX2=2754&amp;cropY1=366&amp;cropY2=2161);\"\/><\/span><\/a><\/p>\n<p>As ever, while CISA\u2019s mandate applies only to federal staff, it\u2019s intended \u201cfor the benefit of the cybersecurity community and network defenders\u2014and to help every organization better manage vulnerabilities and keep pace with threat activity.\u201d Given this is the third such exploitation of this type of vulnerability in a few weeks, and that the initial fixes clearly didn\u2019t complete the job, all are well advised to update right away. \u201cDon\u2019t ignore this,\u201d <a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2024\/10\/8\/the-october-2024-security-update-review\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.zerodayinitiative.com\/blog\/2024\/10\/8\/the-october-2024-security-update-review\" data-ga-track=\"ExternalLink:https:\/\/www.zerodayinitiative.com\/blog\/2024\/10\/8\/the-october-2024-security-update-review\" aria-label=\"Trend Micro warns\">Trend Micro warns<\/a>. \u201cTest and deploy this update quickly.\u201d<\/p>\n<p><fbs-ad position=\"inread\" progressive=\"\" ad-id=\"article-0-inread\" aria-hidden=\"true\" role=\"presentation\"\/><\/p>\n<p>Timing-wise, <a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/13\/microsoft-update-deadline-new-windows-security-nightmare-is-slowly-coming-true\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/13\/microsoft-update-deadline-new-windows-security-nightmare-is-slowly-coming-true\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/13\/microsoft-update-deadline-new-windows-security-nightmare-is-slowly-coming-true\/\" aria-label=\"the interesting twist with this October warning is the 900 million Windows 10 users yet to move to Windows 11\" rel=\"noopener\">the interesting twist with this October warning is the 900 million Windows 10 users yet to move to Windows 11<\/a>, now just a year away from end-of-life meaning end of support, which will cut off those users from updates such as this. Worse, <a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/06\/microsoft-windows-10-windows-11-urgent-update-warning-50-million-users\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/06\/microsoft-windows-10-windows-11-urgent-update-warning-50-million-users\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/06\/microsoft-windows-10-windows-11-urgent-update-warning-50-million-users\/\" aria-label=\"there are also a reported 50 million Windows users on even older legacy versions of the OS\" rel=\"noopener\">there are also a reported 50 million Windows users on even older legacy versions of the OS<\/a>, which means their machines are wide open to these threats.<\/p>\n<p>The \u201cpreviously unknown\u201d threat that has now driven it\u2019s third emergency update warning relates to MSHTML, which\u2014as <a href=\"https:\/\/research.checkpoint.com\/2024\/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/research.checkpoint.com\/2024\/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112\/\" data-ga-track=\"ExternalLink:https:\/\/research.checkpoint.com\/2024\/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112\/\" aria-label=\"Check Point\">Check Point<\/a> explains\u2014is a \u201cspecial Windows Internet Shortcut file, which, when clicked, call the retired Internet Explorer (IE) to visit the attacker-controlled URL\u2026 By opening the URL with IE instead of the modern and much more secure Chrome\/Edge browser on Windows, the attacker gained significant advantages in exploiting the victim\u2019s computer, although the computer is running the modern Windows 10\/11 operating system.\u201d<\/p>\n<p>The first of these vulnerabilities, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38112\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38112\" data-ga-track=\"ExternalLink:https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-38112\" aria-label=\"CVE-2024-38112\">CVE-2024-38112<\/a>, was disclosed in July and linked to infostealer attacks that <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/g\/CVE-2024-38112-void-banshee.html\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/g\/CVE-2024-38112-void-banshee.html\" data-ga-track=\"ExternalLink:https:\/\/www.trendmicro.com\/en_us\/research\/24\/g\/CVE-2024-38112-void-banshee.html\" aria-label=\"Trend Micro\">Trend Micro<\/a> attributed to APT group Void Banshee. Then in September, CISA added CVE-2024-43461 to its Known Exploited Vulnerability (KEV) catalog, warning it had been exploited \u201cin conjunction with CVE-2024-38112.\u201d<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-6 link-embed--long-title\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/new-google-chrome-warning-for-2-billion-microsoft-windows-10-windows-11-users\/\" target=\"_blank\" aria-label=\"Google Reveals New Chrome Update\u2014Microsoft Warns Windows Users To Change Your Browser\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/new-google-chrome-warning-for-2-billion-microsoft-windows-10-windows-11-users\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">Google Reveals New Chrome Update\u2014Microsoft Warns Windows Users To Change Your Browser<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Zak Doffman<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/665ba016d3d11342555e4aba\/960x0.jpg?cropX1=1297&amp;cropX2=3763&amp;cropY1=1341&amp;cropY2=3129);\"\/><\/span><\/a><\/p>\n<p>Disclosing the second of these MSHTML vulnerabilities, <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-24-1207\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-24-1207\/\" data-ga-track=\"ExternalLink:https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-24-1207\/\" aria-label=\"Trend Micro\">Trend Micro<\/a> explained that \u201cthe specific flaw exists within the way Internet Explorer prompts the user after a file is downloaded. A crafted file name can cause the true file extension to be hidden, misleading the user into believing that the file type is harmless. An attacker can leverage this vulnerability to execute code in the context of the current user.\u201d<\/p>\n<p>As for CVE-2024-43573\u2014the third MSHTML vulnerability in as many months and actually the fourth this year, with <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-30040\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-30040\" data-ga-track=\"ExternalLink:https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-30040\" aria-label=\"CVE-2024-30040\">CVE-2024-30040<\/a> disclosed in May, Trend Micro says it \u201cis also very similar to the bug patched back in July\u2026 There\u2019s no word from Microsoft on whether it\u2019s the same group, but considering there is no acknowledgment here, it makes us think the original patch was insufficient.\u201d<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-8 link-embed--long-title\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/new-google-pixel-9-pro-pixel-9-pro-fold-warning-android-15-mistake\/\" target=\"_blank\" aria-label=\"Google\u2019s Update Mistake Confirmed As Millions Of Pixel Owners Install Android 15\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/18\/new-google-pixel-9-pro-pixel-9-pro-fold-warning-android-15-mistake\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">Google\u2019s Update Mistake Confirmed As Millions Of Pixel Owners Install Android 15<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Zak Doffman<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/66e0ee68d68cc946189e55d4\/960x0.jpg?cropX1=998&amp;cropX2=3603&amp;cropY1=288&amp;cropY2=2016);\"\/><\/span><\/a><\/p>\n<p>Given that risk, that the original fixes for the MSHTML threat may have been \u201cinsufficient,\u201d all Windows users should update now, ensuring that October\u2019s Patch Tuesday updates are applied. There are clearly multiple active threats in the wild exploiting this \u201cpreviously unknown\u201d threat, and that will only get worse.<\/p>\n<p>Which also means that if you\u2019re already out of support or may find yourself there in October 2025\u2014with Windows 10\u2019s end-of-life, you should consider your options.<\/p>\n<\/div>\n<p><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<br \/><div data-type=\"_mgwidget\" data-widget-id=\"1660802\">\r\n<\/div>\r\n<script>(function(w,q){w[q]=w[q]||[];w[q].push([\"_mgc.load\"])})(window,\"_mgq\");\r\n<\/script>\r\n<br \/>\n<br \/><a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/10\/19\/microsoft-warning-for-14-billion-windows-10-windows-11-users-get-free-upgrade\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Government issues updates now warning for Microsoft Windows users. SOPA Images\/LightRocket via Getty Images Here we go again. What was described as a \u201cpreviously unknown\u201d threat just three months ago &hellip; <a href=\"https:\/\/hotvideos24.online\/?p=116023\" class=\"more-link\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8630],"tags":[],"class_list":["post-116023","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"_links":{"self":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/116023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=116023"}],"version-history":[{"count":0,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/116023\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=116023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=116023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=116023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}