Windows Defender ‘BlueHammer’ vulnerability now exploited as part of malware campaigns — CISA issues warning despite patch release on April 14

Bruno Ferreira is a contributing writer for Tom's Hardware. He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer. He's obsessed with detail and has a tendency to ramble on the topics he loves. When not doing that, he's usually playing games, or at live music shows and festivals.

ezst036 Linux was vulnerable last month. Who will it be in July or August?

bit_user The article said: "they're averages, meaning half the machines purportedly go unpatched for longer than those timeframes." That's true of a median, but not necessarily a mean (which is the more common type of average). Even with a mean, some machines will go unpatched for longer, but it's not usually a 50/50 split – especially in cases where the distribution is asymmetrical, which should be the case here.

DS426 ezst036 said: "Linux was vulnerable last month. Who will it be in July or August?" Windows — almost certainly based on Nightmare Eclipse's own claims. Linux might be as well due to the use of recent AI models to both find software vulnerabilities and craft exploits for them.

DS426 Crazy that time-to-patch is increasing when newer advances in patching like Autopatch and Hotpatching are available in the Windows world. A 30-day TTP is too long on Windows in a business environment, about 7 days being the gold standard and 14 being silver. Sysadmins do have to test on various client and server hardware and software combinations and roll out gradually ("update rings"), which takes several days for most medium to large organizations. Rather high numbers in this article for TTP; I think Absolute is using data on consumer PCs as well, some of which are ones where someone paused updates and thus are kind of skewing the numbers as @bit_user mentioned can happen with both mean and median averages ("outliers"). I'm seeing numbers in the single digits to teens for a good portion of enterprises from various reporting sources on the Windows OS, though apps do have higher numbers. Still, yes, millions of Windows PCs remain vulnerable to actively-exploited OS and/or app vulns for over a month. That reality isn't going away any time soon.