Updated August 6 with new key-logging warnings for Windows users.
This has not been a good few weeks for Microsoft. Fresh from the Recall recoil, CrowdStrike struck, with various ups and downs with Copilot momentum in between. But the constant throughout has been an impending security nightmare for the vast majority of its Windows users, now just months away.
We’re talking Windows 10, of course, and the staggeringly painful campaign to warn hundreds of millions of holdouts that they need to upgrade to Windows 11. Back in June, I reported on the latest Microsoft nag—a full-screen warning that “end of support for Windows arrives on October 14, 2025; this means your desktop won’t receive technical support or security updates after that date.”
If there was any doubt as to the real danger in leaving Windows unprotected, then Monday’s US government warning should quickly change minds. A 2018 Windows vulnerability has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. “Microsoft COM for Windows,” CISA warns, “contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution.”
Users have been given until August 26 to patch or cease using Windows systems. Clearly, this 2018 vulnerability does not impact Windows 11, nor any other Windows system updated in the last six years. The Windows 10 risk, though, is real.
The prompt for CISA’s warning appears to be an August Cisco Talos report claiming that a Chinese hacking group with links to the country’s Ministry of State Security may have successfully exploited CVE-2018-0824 as part of an attack on a government research center in Taiwan. The center was “likely compromised,” Talos says.
“APT41 is a prolific and dangerous threat actor that all users and cybersecurity practitioners should be keeping track of,” Talos warns. “APT41 created a tailored loader to inject a proof of concept for CVE-2018-0824, a remote code execution vulnerability in Microsoft COM for Windows, directly into memory to achieve local privilege escalation… Users should ensure all Windows systems are up to date to the latest version to protect against this vulnerability.”
If CVE-2018-0824 and APT41 all sound a bit niche and unlikely to target your own Windows PC at home, then SnakeKeylogger is quite the opposite. The Register warns that “criminals are preying on Windows users yet again, this time in an effort to hit them with a keylogger that can also steal credentials and take screenshots.”
“Its arsenal includes keystroke logging, harvesting credentials, and capturing screenshots,” Fortinet’s security research team warned this month of the SnakeKeylogger trojan threat to Windows users. “Based on the FortiGuard telemetry, there were hundreds of 0-day detection hits. Moreover, the sites that the trojan connects to were queried several times which suggests infection.”
While this hasn’t surfaced into a full-scale zero-day warning as yet (it is more a variation on a theme), it’s yet another reminder of the potential Windows vulnerabilities if the OS is not tightly managed. SnakeKeylogger targets users by way of malicious downloads, shared over email through phishing campaigns.
Back in 2022, Check Point Research warned that SnakeKeyLogger “is usually spread through emails that include docx or xlsx attachments with malicious macros, however this month researchers reported that SnakeKeylogger has been spread via PDF files. Users are advised to maintain good antivirus software and attachment scanning, as well as to beware the attachments they download and open to keep safe.”
Putting aside CVE-2018-0824 being woken from the dead and the much more current SnakeKeylogger RAT, the real challenge for many Windows 10 users is more one of hardware than the softer UI side of their Windows OS. If their machines are not suitable for Windows 11 (as many are not), then they find themselves in an upgrade trap, having to buy new hardware for no ostensibly good reason other than Windows 10 coming off support. This becomes a resentful purchase, to say the least.
But we are where we are. Windows hasn’t changed its stripes, and nor has Microsoft’s approach. The threats disclosed this week are serious in themselves, but they’re also further good examples as to why the prospect of hundreds of millions of Windows users heading towards end-of-support is a security nightmare.
Maybe, just maybe, users are now starting to listen, albeit not enough, and not nearly fast enough. As Windows specialist Neowin has just reported, “in July 2024, Windows 11 hit an important milestone: for the first time since its launch in October 2021, the operating system crossed the 30% market share mark.” Just. The latest stats from Statcounter show better than 7% year-over-year growth for Windows 11.
But that means that more than twice as many Microsoft Windows users are still not using Windows 11 than those that are. Even now. Three years post-launch.
Windows 11 isn’t at all new, and all those converts and non-converts know its pros and cons; so, setting aside a Copilot AI-driven boost, the question is whether this is a trend or a blip. Certainly, when you look at Statcounter’s Windows 10 chart decline over the last year (above), the line chart is not something you could ski down. Similarly, Windows 11 growth is an easy stroll up a gentle slope, to put it mildly.
And so, while it’s clearly good news that there’s some movement, the reality looks worrying. There will be some accelerated shifting to Windows 11 in the coming months ahead of its October 2025 end-of-life, and there will be some companies and home users (when it’s available) taking up extended paid support. But there will also be many millions of users coming off support and taking the risk. With plenty of headlines fueling the reluctance, this problem isn’t going away (1,2,3).
Take a look at Reddit, or even the comments to this article, and you’ll see the large body of Windows user opinion that is waiting for Microsoft to pull a late rabbit from the hat and extend Windows 10 support. Quite how that will land with all those who have made the investment to upgrade remains to be seen.
Given the experience of recent weeks, with those global images of blue screens of death all around, come next October this could be a hackers’ paradise, for some time at least. The other factor that will come into play will be bad actors taking advantage of the bad situation and mailing out scam after scam to target worried Windows 10 users.
Expect to see plenty of that through 2025.