
Happy Friday friends! The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical directive urging federal and state agencies to update their Windows systems by Monday, October 7th, or stop using them. While this mandate targets federal employees, many public and private organizations follow CISA's guidance due to its mission to help organizations manage vulnerabilities and keep pace with emerging threats, especially in high-profile sectors.
What’s the threat?
CISA's alarm centers around two major vulnerabilities:
* CVE-2024-38112: Exploits a flaw in Windows Internet Shortcut files, allowing malicious URLs to open through the long-retired Internet Explorer instead of modern browsers like Edge or Chrome. Even on Windows 10 and 11, this can give attackers significant control over a system.
* CVE-2024-43461: A zero-day exploit that enables remote system takeover simply by visiting a webpage in Internet Explorer. This vulnerability has been actively exploited for over a year.
The Takeaway
If your company uses our Total Security service, rest assured we’ve already handled this update for you. For those managing it independently, Microsoft has released patches that address both vulnerabilities, specific to each operating system. You can access the official update guide here: Microsoft Security Update Guide.
Why this matters
These vulnerabilities are often exploited together, and patching one resolves the other. However, with nearly a billion users still holding out on updating to Windows 11, many systems may remain unpatched since the initial warning. This highlights the risks of delaying updates and staying on unsupported systems. Whether sticking with Windows 10 or considering the upgrade to Windows 11, the worst choice is doing nothing.
Stay safe out there.
-Attila
PS. If you think that this email might be helpful to a friend, family member, client or co-worker, feel free to pass it along. Always a pleasure to be of service to you and the community.
New Friday Funnies
Clippy! Is That You, Old Friend?

And continuing the theme of Microsoft office comedy.... Why did the PowerPoint presentation cross the road? To get to the other slide.
コメント