
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .
That marks about a month and a half since the patch, and it illustrates quite clearly that when it comes to computer security , the publication of a patch is almost always the easy part; getting that patch into every device that needs it is the real tricky bit. The patch is part of standard Windows updates, too, so there's really no technical reason for not installing it. Additionally, since BlueHammer gets the attackers a SYSTEM shell, the ransomware in question may encrypt parts of the OS or the boot process rather than "just" the data files, potentially making machines unusable on top.
While stating that "people don't patch their machines" is a broad statement that won't surprise anyone in the field, a recent report from security vendor Absolute claims the application of critical OS patches across Windows 11 and 10 lags 127 days (over 4 months) on average, and that figure basically doubled since last year. Even in enterprise settings, Absolute says the average time-to-patch is shockingly high at 76 days, or 2.5 months. While one vendor's claims aren't gospel, the figures aren't too hard to believe; plus, they're averages, meaning half the machines purportedly go unpatched for longer than those timeframes.
Depending on the source, estimates on the percentage of Windows 10 machines can vary between 15% (PassMark) and 26% (StatCounter) . Calling it 20% for simplicity's sake, that's 1 out of 5 machines almost guaranteed to be unpatched. Techies like us know full well that Microsoft has extended security updates (ESU) for Windows 10 twice now , with the new real EOL now being October 14, 2027. The problem is, although enrolling a machine into ESU is trivial, the lack of public awareness essentially guarantees these machines will remain vulnerable until they're upgraded or replaced.
Meanwhile, Nightmare Eclipse says they're "done with taking a break", and that "July will be an incredibly interesting month because [they] will drop some really interesting and possibly insanely controversial findings."
Windows Server vulnerability can grant system privileges with just a malformed packet
Microsoft's bug-hunting nemesis extends vendetta with more zero-day attacks
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cyber-security/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cyber-security/windows-defender-bluehammer-vulnerability-now-exploited-as-part-of-malware-campaigns-cisa-issues-warning-despite-patch-release-on-april-14#main
- https://www.tomshardware.com/subscription
- NVIDIA BioNeMo Agent Toolkit Brings Accelerated AI to Life Sciences Researchers in Claude Science
- Save a massive $1,100 on this RTX 5080 gaming PC with a 9800X3D from HP, now just $2,499 — liquid-cooled Omen 35L rig unlocks 4K gameplay with 32GB DDR5 and a 2
- HamsterOS jams a 32-bit GUI operating system in a single 1.44 MB floppy disk — retro OS for 386-era hardware should make for easy living with DOS machines and s
- The Ultimate Summer Sale Pairing: Steam Sale Meets GeForce NOW Discounts
- How Businesses Are Building Specialized AI They Can Trust
Informational only. No financial advice. Do your own research.