Timing is everything—and that’s especially true for the millions of Microsoft Windows users with a fast-approaching July 4 deadline to update their systems.
It was just two weeks ago that we saw a patched Windows vulnerability come back to life. While Microsoft had suggested there were no known exploits for CVE-2024-26169, Symantec’s security researchers thought somewhat differently, citing “some evidence” that attackers “compiled a CVE-2024-26169 exploit prior to patching.”
And it was just last month that several US government agencies—including CISA and the FBI—collaborated on a Cybersecurity Advisory warning that “Black Basta affiliates have impacted a wide range of businesses and critical infrastructure in North America, Europe, and Australia. As of May 2024, Black Basta affiliates have impacted over 500 organizations globally.”
Black Basta is a Ransomware-as-a-Service (RaaS) group that has targeted “12 out of 16 critical infrastructure sectors,” the agencies said, “including the Healthcare and Public Health (HPH) Sector.” But the group’s activities have extended well beyond the public sector, hitting the likes of Hyundai, Rheinmetall, Capita and ABB.
Timing is everything. And these stories come together—somewhat awkwardly for Microsoft—because Symantec suggested it was “the Cardinal cybercrime group (aka Storm-1811, UNC4393), which operates the Black Basta ransomware” that was likely exploiting the privilege escalation vulnerability in Microsoft’s Windows Error Reporting Service for several weeks before it was patched in March.
CISA has added CVE-2024-26169 to its Known Exploited Vulnerabilities (KEV) catalog, flagging that it is “known to be used in ransomware campaigns” and mandating that all Windows systems be updated or shut down by July 4. That mandate only applies to US federal agencies, but CISA says it “strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation.”
Black Basta has now generated significantly more than $100 million in ransomware payments, and so leaving Windows systems unpatched is a gamble no organization should take. All should follow CISA’s July 4 update mandate. While the specific issue here is less relevant to personal users, update right away if you haven’t done so.
Just days before Symantec’s report, we saw Microsoft again urging Windows 10 users to upgrade to Windows 11. With a daunting 70% of users yet to make the switch ahead of next year’s end-of-life, that challenge is becoming ever more acute.
When Windows 10 goes end-of-life it also goes end-of-support. No more security updates for users unwilling to upgrade or pay a new and expensive annual fee.
And so to all those corporate and personal Windows 10 holdouts. “It’s time to upgrade your PC before end of support,” Microsoft urges. “End of support for Windows arrives on October 14, 2025. This means your desktop won’t receive technical support or security updates after that date.”
And that’s simply not a risk worth taking—certainly not with Windows.