
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .
That marks about a month and a half since the patch, and it illustrates quite clearly that when it comes to computer security , the publication of a patch is almost always the easy part; getting that patch into every device that needs it is the real tricky bit. The patch is part of standard Windows updates, too, so there's really no technical reason for not installing it. Additionally, since BlueHammer gets the attackers a SYSTEM shell, the ransomware in question may encrypt parts of the OS or the boot process rather than "just" the data files, potentially making machines unusable on top.
While stating that "people don't patch their machines" is a broad statement that won't surprise anyone in the field, a recent report from security vendor Absolute claims the application of critical OS patches across Windows 11 and 10 lags 127 days (over 4 months) on average, and that figure basically doubled since last year. Even in enterprise settings, Absolute says the average time-to-patch is shockingly high at 76 days, or 2.5 months. While one vendor's claims aren't gospel, the figures aren't too hard to believe; plus, they're averages, meaning half the machines purportedly go unpatched for longer than those timeframes.
Depending on the source, estimates on the percentage of Windows 10 machines can vary between 15% (PassMark) and 26% (StatCounter) . Calling it 20% for simplicity's sake, that's 1 out of 5 machines almost guaranteed to be unpatched. Techies like us know full well that Microsoft has extended security updates (ESU) for Windows 10 twice now , with the new real EOL now being October 14, 2027. The problem is, although enrolling a machine into ESU is trivial, the lack of public awareness essentially guarantees these machines will remain vulnerable until they're upgraded or replaced.
Meanwhile, Nightmare Eclipse says they're "done with taking a break", and that "July will be an incredibly interesting month because [they] will drop some really interesting and possibly insanely controversial findings."
Windows Server vulnerability can grant system privileges with just a malformed packet
Microsoft's bug-hunting nemesis extends vendetta with more zero-day attacks
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cyber-security/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cyber-security/windows-defender-bluehammer-vulnerability-now-exploited-as-part-of-malware-campaigns-cisa-issues-warning-despite-patch-release-on-april-14#main
- https://www.tomshardware.com/subscription
- NAIRR Science Program Reshapes Scientific Research, Powered by NVIDIA AI Infrastructure
- Eco Wave Power Turns Waves Into Watts With NVIDIA AI Infrastructure and Digital Twins
- Steam Machine scalping hits $3,000 on eBay as sellers list preorder reservations — scalpers already flipping queues for 2X the MSRP of the 2TB model
- Legacy Nvidia RTX 3060 12GB returns to retail five years after original launch, priced at $339 — resurrected GPU strategy that Jensen called a 'good idea' appar
- Apple reportedly lobbies Uncle Sam for access to Chinese memory chips — tech giant allegedly wants to buy from blacklisted CXMT
Informational only. No financial advice. Do your own research.