Microsoft Hacking Report: A Timely Warning for Windows 10 Users

Republished on November 29 with Microsoft’s new AI update and whether it can fix the 2025 PC upgrade issue.

A stark reminder this week that 450 million Windows users must now act to ensure their PCs and data remain safe. Microsoft has provided a $12 billion solution to the problem, but it won’t protect everyone. Just make sure you’re not caught out.

On Tuesday, ESET published a report on a previously unknown Windows vulnerability that was combined with an equally unknown browser vulnerability to attack PCs. Both flaws have now been fixed, and Windows users must ensure that their PCs are updated. But if your PC is no longer supported, this is precisely the type of risk against which it will not be protected.

There are still 850 million Windows 10 users, and another 50 million have even older versions of the operating system. Fortunately, around 450 million users have PCs that probably clear the necessary technical hurdles to upgrade to Windows 11 and maintain support. That leaves 400 million Windows 10 users who need to take action before Windows 10 ends next October, plus the remaining 50 million, of course.

Microsoft has now famously offered a $30 one-time-deal to extend Windows 10 support by 12-months—a $12 billion windfall if all 400 million users unable to move to Windows 11 extend. There are also various workarounds to trick a PC without the required TPM 2.0 hurdle to upgrade to Windows 11. Plus there’s always the option to upgrade your hardware, and 2025 could be a good time to buy a new PC. Whatever option you choose, just make sure you pick one and maintain support. Microsoft’s current nags might be irritating, but they’re bugging you for a reason.

According to ESET, “the previously unknown vulnerability in Windows, assigned CVE-2024-49039 with a CVSS score of 8.8,” allows arbitrary code to be executed as if by the logged-in user. This use-after-free memory bug provides a path from the browser to the PC, triggered when the web page hosting the exploit is visited.

This is chained with “CVE-2024-9680, with a CVSS score of 9.8, [which] allows vulnerable versions of Firefox, Thunderbird and the Tor Browser to execute code in the restricted context of the browser.” This Windows Task Scheduler flaw enables a sandbox escape, allowing an attack to schedule the execution of a malicious task.

In combination, “if a victim lands on a web page containing the exploit, an adversary can execute arbitrary code – without user interaction – which in this case has led to the installation of RomCom’s backdoor of the same name” on the victim’s PC.

RomCom attack chain

RomCom is a Russian-backed cyber threat group that targets corporations for monetary gain, as well as conducting espionage operations that are state-directed or at least state-linked. Safe, pharmaceutical products and energy.

This specific attack is based on a malicious web page “that redirects the potential victim to the server hosting the exploit.” Once the exploit is downloaded, it runs code to open RomCom’s backdoor. This kind of chained attack, in which two different vulnerabilities are exploited together, is typical of what we see today, which is why even seemingly innocuous or niche threats can be harmful when used in combination with other known or unknown vulnerabilities.

ESET says that “from October 10, 2024, to November 4, 2024, potential victims who visited websites hosting the exploit were located mostly in Europe and America.” This attack was targeted, with up to a few hundred victims per country identified, but the threat itself has the potential to expand or to be provided to other bad actors.

“Chaining two zero-day vulnerabilities armed RomCom with an exploit that requires no user interaction,” explains ESET. “This level of sophistication shows the threat actor’s will and means to obtain or develop stealthy capabilities.”

The cyber team also highlights the exceptional speed with which Mozilla published a fix, in just 25 hours, “which is very impressive compared to industry standards.” Microsoft has fixed the Windows vulnerability in this month’s update.

Despite Microsoft’s decision to offer a paid 12-month extension to Windows 10 users, analysts still expect a recovery in PC sales in 2025, driven by the end of life of Windows 10. As The Register reports, “the global computer market is expected to grow 4.9% in 2025, however, it is commercial upgrade cycles and the end of life of Windows 10 that are driving this expansion rather than demand for AI-enabled PCs.”

TrendForce analysts base their position for 2025 on “reduced political uncertainty after the US presidential election and the Federal Reserve’s rate cuts in September 2024, which will stimulate capital flows. Combined with the end of Windows 10 service and demand for commercial device upgrades, global laptop shipments will grow 4.9% to 183 million units in 2025.”

This follows a 2024 “hindered by high interest rates and geopolitical uncertainties, [with] annual shipments expected to reach 174 million units, marking a 3.9% year-over-year increase... Commercial shelves face headwinds in 2024 due to global layoffs and economic and political instability, leading to a more cautious demand environment.”

Simple math tells us that the 450 million PCs that need to upgrade may not be served by next October, leaving a giant number needing to pay $30 or drop support. Most of the 2025 recovery is also expected to occur in the enterprise market, which already knew there would be Windows 10 features beyond next October and for more than 12 months.

This is new. As Windows Central reported in September, “Generative AI is driving sales of Microsoft’s Copilot PC, a pressing desire for future-proof upgrades, along with Windows 10’s approaching death.” With disappointing analyst reports on PC shipments in the third quarter, it suggests that “consumers are buying AI PCs due to their desire to upgrade and buy new devices, because of their complicated capabilities.” The parent’s attention is already shifting towards 2025.

What has not been considered is whether a mismatch of supply and demand, especially on the consumer side, would boost growth. In fact, it has the potential to generate good deals in the market, with those users now having the new extension option, meaning they can wait a little longer and benefit from the new generation of AI as it is installed and is likely priced accordingly.

Microsoft is now helping to boost PC sales, pestering users with nags to update their systems before Windows 10 expires. As annoying as it is, a successful hack would be worse. And for Microsoft, the prospect of many millions of Windows users on PCs that are no longer supported must be a nightmare.

Perhaps Microsoft has something else up its sleeve to inspire a faster Windows 10 migration and an increase in the percentage of new PC sales that go to shiny new AI-enabled machines.

As just reported by Windows Central, the initial verdicts on Windows’ controversial Recall feature “are surprisingly positive, given the many privacy and security concerns, as well as the delays the feature had when launched.” It is not widely available, with only a beta version for experts; however, the reviews will be well studied for insight into whether it is heading in the right direction.

The concept of Recall resembles that of a fantasy novel. “Recall is essentially a safety net, saving everything you see and do in case it’s deleted or misplaced later.” Personally, I’ll need to be convinced that a background process that records everything on my device is something I would want anywhere. Remember that anything stored can be found. Nothing.

And that was the basis of the controversy over security and privacy. How secure was this “safety net”? What happens when a device is compromised? To its credit, Microsoft quickly realized that solving this problem was the most critical component of its latest AI plan, and a lot of work has gone into opt-outs and safeguards.

This latest iteration, says Windows Central, “is super configurable to the point where you can determine the kind of content it captures and doesn’t capture. If you’re wary of Recall capturing snapshots of your financial data or conversations with friends, you can exclude those specific programs and websites so they never appear in Recall.”

Now, he says, Recall is “one of those features that does not show its value until you need it. For example, the other day I was writing the content of an article in our CMS (which has no backup tools) and I decided that I no longer wanted some paragraphs.”

You have to make a very conscious decision to have that all-seeing AI capability in the background, even as an option. As Computerworld explains, “Windows Recall can only be obtained on those new PCs”: a new PC called a “Copilot PC”.

Which brings us back to the two main challenges: 450 million PCs that need to extend Windows 10 or change hardware over the next year, and a reluctant PC-buying market that doesn’t yet appear ready to move to AI-powered devices.

Could Recall change this, at least to some extent, offering a compelling reason to upgrade for Windows 10 users to overcome their stubborn resistance to Windows 11, and encouraging those users and others to go down the “Copilot” route?

It does not look like the answer yet. Despite “surprisingly” positive reviews, there are still major problems to overcome. As The Register reports, “Even though Copilot PCs are desperate for a ‘killer app’ to justify their cost, users have added to Microsoft’s list of known Recall problems... the biggest, which is acknowledged by Microsoft and has also been reported by users, is a delay in snapshots being saved, or storage that has stopped completely. Microsoft’s recommendation is to restart your PC.”

And it’s not as simple to turn off as it sounds. “It can be enabled or disabled from ‘Turn Windows features on or off’, but the binaries still persist. Microsoft said: ‘In a future update, we will remove the binaries entirely.’”

So the challenge remains, and all eyes will be on those Windows 10 upgrade numbers in the first two quarters of 2025, even if those are upgrades of popular hardware and not new PCs. The outstanding challenge from these contrasting Recall reviews is that if users believe this generation is here for the long term and will only improve, they will wait for the software to be polished and the hardware to find a lower price.

This could be another explanation for why a 12-month Windows 10 extension works for Microsoft. Ensuring that an army of Windows users doesn’t move too soon and lose the opportunity to use those AI features until they upgrade again, in a few years.

“There is no timeline for when Microsoft will consider Recall ready to be released,” says The Register, “even in preview form. It turns out that even if Microsoft has improved the security of the product, the fact that some users will have to restart to launch the snapshot service.