The update deadline is fast approaching
Updated on June 29 with details about the restart loop affecting some Windows 11 users.
Timing is everything – and that’s especially true for the millions of Microsoft Windows users with the July 4th deadline to update their systems fast approaching.
It was only two weeks ago that we saw a patched Windows vulnerability come back to life. While Microsoft did not suggest any known exploits for CVE-2024-26169, security researchers at Symantec thought differently, with “some evidence” that attackers “compiled the CVE-2024-26169 exploit before the patch.”
And it’s just last month that several US government agencies – including CISA and the FBI – collaborated on a Cybersecurity Advisory warning that “Black Bast affiliates have affected a wide range of businesses and critical infrastructure in North America, Europe and Australia. As of May 2024, Black Basta affiliates have impacted over 500 organizations worldwide.
Black Basta is a Ransomware-as-a-Service (RaaS) group that targets “12 out of 16 critical infrastructure sectors,” the agencies said, “including the Healthcare and Public Health (HPH) sector. However, the group’s activities went beyond the public sector and affected companies such as Hyundai, Rheinmetall, Capita and ABB.
Timing is everything. And these stories come together – rather awkwardly for Microsoft – as Symantec suggested that it was the “Cardinal Cybercrime Group (aka Storm-1811, UNC4393) operating the Black Basta ransomware” that likely exploited a privilege escalation vulnerability on the system Windows Error Reporting by Microsoft. Service for several weeks before it was fixed in March.
CISA has added CVE-2024-26169 to its Known Exploit Vulnerability (KEV) catalog, saying it is “known to be used in anti-ransomware campaigns” and ordering all Windows systems to update or shut down by July 4. The mandate only applies to US Federal agencies, but CISA says it “strongly encourages all organizations to reduce their exposure to cyber attacks by prioritizing early remediation.”
Black Basta has now generated well over $100 million in ransomware payments, so leaving Windows systems unpatched is a gamble no organization should take. All should follow CISA’s July 4 update mandate. Although the specific issue here is less relevant to personal users, please update immediately if you haven’t already.
Since this article was published, the situation for Windows 11 users has been complicated by reports of an unexpected reboot loop affecting some users who installed the June Windows 11 KB5039302.
Microsoft warned users that “some devices may fail to boot after installing the updates released on June 26, 2024 (KB5039302)” and advised that “affected systems may reboot repeatedly and require recovery operations to resume normal use.”
Don’t be alarmed by these headlines and continue updating as usual.
KB5039302 is not a mandatory update per se and is not a security update – as such, put those headlines aside and carry on as usual. Do not confuse this update with the security patch that addresses the Microsoft Windows Error Reporting Service vulnerability. In any case, it is highly likely that your Windows 11 PC will not be affected by the new issue. This reboot loop affects enterprise machines running “virtual machine tools and embedded virtualization features,” Microsoft said, meaning home users are less likely to be affected. Users will still see relevant updates as available.
The issues covered by the CISA warning were fixed before the June release and, from Black Bast’s point of view, the urgency remains. And that means that while Microsoft may have downloaded KB5039302 for some users, you should make sure to update your PC before the 4th of July deadline.
A much more serious issue affecting Windows home users is now fast approaching, although the October 14, 2025 deadline is still more than a year away. Just a few days before Symantec’s report, we saw Microsoft once again urging Windows 10 users to upgrade to Windows 11. With a daunting 70% of users yet to make the switch before the end of next year, the call becomes more urgent and the company’s problems Microsoft started touching computers all over the world.
When Windows 10 ends its life, so does support. No more security updates for users who don’t want to upgrade or pay a new and expensive annual fee.
And so to all those corporate and personal gadgets Windows 1o. “It’s time to upgrade your PC before the end of support,” urges Microsoft. “The end of support for Windows will arrive on October 14, 2025. This means that your computer will not receive technical support or security updates after that date.”
And that’s just not a risk worth taking – certainly not with Windows.