Deadline for Microsoft Windows: You must update your PC before July 4

Updated June 29 with details about a restart loop affecting some Windows 11 users.

Timing is everything, and that’s especially true for the millions of Microsoft Windows users with a fast-approaching July 4 deadline to update their systems.

Just two weeks ago we saw a patched Windows vulnerability come back to life. Although Microsoft had not suggested any known exploits for CVE-2024-26169, Symantec security researchers felt somewhat differently, with “some evidence” that attackers “compiled a CVE-2024-26169 exploit prior to the patch.”


And it was just a month ago that several US government agencies, including CISA and the FBI, collaborated on a Cybersecurity Advisory warning that “Black Basta affiliates have targeted a wide range of businesses and critical infrastructure across North America, Europe and Australia. As of May 2024, Black Basta affiliates have impacted more than 500 organizations worldwide.”

Black Basta is a Ransomware-as-a-Service (RaaS) group that has targeted “12 of the 16 critical infrastructure sectors,” the agencies said, “including healthcare and public health.” But the group’s activities extend far beyond the public sector, affecting Hyundai, Rheinmetall, Capita and ABB, among others.

Timing is everything. And these stories come together — somewhat uncomfortably for Microsoft — because Symantec suggested that it was “the cybercrime group Cardinal (aka Storm-1811, UNC4393), which operates the Black Basta ransomware” that likely exploited the privilege escalation vulnerability in Microsoft’s Windows Error Reporting Service for several weeks before it was patched in March.

CISA has added CVE-2024-26169 to its Known Exploited Vulnerabilities (KEV) catalog, noting that it is “known to be used in ransomware campaigns” and requiring all Windows systems to be updated or shut down. That mandate only applies to U.S. federal agencies, but CISA says it “urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation actions.”

Black Basta has now generated significantly more than $100 million in ransomware payments, so leaving Windows systems unpatched is a gamble no organization should take. Everyone should follow CISA’s July 4 update mandate. While the specific issue here is less relevant for personal users, if you haven’t already done so, it’s best to update right away.

Since this article was published, the situation for Windows 11 users has been complicated by spreading news of an unexpected reboot loop affecting some users installing the June KB5039302 update for Windows 11.

Microsoft has warned users that “after installing updates released on June 26, 2024 (KB5039302), some devices may become unbootable,” advising that “affected systems may restart repeatedly and require recovery operations to restore normal use.”

Don’t be alarmed by these headlines, and keep updating as usual.

KB5039302 itself is not a mandatory update and is not a security update. So ignore those headlines and just carry on as usual. Do not confuse this update with the security patches that resolve the Microsoft Windows Error Reporting Service vulnerability. Either way, it is very likely that your Windows 11 PC is not affected by the new problem. This restart loop affects enterprise machines running “virtual machine tools and nested virtualization functions,” Microsoft said, meaning home users are less likely to be affected. Users will still see relevant updates as available.

The issues addressed in CISA’s alert were patched prior to the June release, and given the Black Basta angle, the urgency remains. So although Microsoft has pulled KB5039302 for some users, you should still make sure to update your PC before the July 4 deadline.

The much bigger issue impacting Windows home users is now fast approaching, even though that deadline is still over a year away on October 14, 2025. Just days before Symantec’s report, we saw that Microsoft was once again urging Windows 10 users to upgrade to Windows 11. With as many as 70% of users yet to make the switch before end-of-life next year, that challenge is becoming increasingly urgent and problems are beginning to affect Microsoft PCs around the world.


When Windows 10 goes end-of-life, it also goes end-of-support. No more security updates for users who don’t want to upgrade or pay a new and expensive annual fee.

And so to all those business and personal Windows 10 refusers. “It’s time to upgrade your PC before support ends,” Microsoft urges. “Windows support ends on October 14, 2025. This means your desktop will no longer receive technical support or security updates after that date.”

And that’s just not a risk you should take, especially not with Windows.
