The government is issuing updates now warning Microsoft Windows users.
Updated on October 20th with Microsoft’s new blue screen of death update warning.
Here we go again. What was described as a “previously unknown” threat just three months ago has now prompted a third warning from the US government to update or stop using computers. By exploiting old code buried under the covers of today’s Windows systems, it quickly became clear that “A significant percentage of Windows devices are fully exposed and at risk of being taken over by attackers.”
The latest vulnerability issue is CVE-2024-43573, which the US cyber agency warns is “an unspecified spoofing vulnerability that could lead to a loss of privacy.” It directed all federal employees to “implement mitigation measures by supplier or discontinue use of the product if no countermeasures are available” by Oct. 29. In other words, update your computer within the next ten days or stop using it until you can.
As always, while the CISA mandate only applies to federal personnel, it is intended “for the benefit of the cybersecurity community and network defenders — and to help every organization better manage vulnerabilities and keep up with threat activity.” Since this is the third exploit of this type of vulnerability in a few weeks and the initial fixes clearly did not get the job done, everyone is advised to update immediately. “Don’t ignore this,” Trend Micro warns. “Test and deploy this update quickly.”
Timing-wise, the interesting twist with this October warning is that the 900 million Windows 10 users still haven’t moved to Windows 11, now just a year away from end-of-life which means end-of-support, which will cut off these users from updates like p. like this. Worse, 50 million Windows users were also reported to be on even older versions of the legacy operating system, meaning their machines are open to these threats.
The “previously unknown” threat that has now prompted the third emergency update warning is related to MSHTML, which—as Checkpoint explains—it’s a “special Windows Internet shortcut file that, when clicked, calls the deprecated Internet Explorer (IE) to visit the attacker-controlled URL… Opening the URL with IE instead of the modern and very more secure Chrome/Edge browser on Windows, the attacker gained significant advantages in exploiting the victim’s computer, although the computer is running the modern Windows 10/11 operating system.”
The first of these vulnerabilities, CVE-2024-38112was revealed in July and was linked to hacking attacks that Trend Micro attributed to APT group Void Banshee. Then, in September, CISA added CVE-2024-43461 to its list of Known Exploitable Vulnerabilities (KEVs), warning that it had been exploited “in conjunction with CVE-2024-38112.”
Exposing the second of these MSHTML vulnerabilities, Trend Micro explained that “this particular flaw exists in the way Internet Explorer prompts the user after downloading a file. An edited file name can cause the actual file extension to be hidden, misleading the user into believing that the file type is harmless. An attacker could exploit this vulnerability to execute code in the context of the current user.”
As for CVE-2024-43573—the third MSHTML vulnerability in as many months and actually the fourth this year, with CVE-2024-30040 revealed in May, Trend Micro says it’s “also very similar to the bug that was fixed in July… There’s no word from Microsoft on whether it’s the same team, but considering there’s no confirmation here, it makes us to believe that the initial patch was insufficient.”
Given this risk, that the initial fixes for the MSHTML threat may have been “inadequate”, all Windows users should update now, ensuring that the October Patch Tuesday updates are applied. There are clearly many active threats in the wild that exploit this “previously unknown” threat, and this will only get worse. Which also means that if you don’t already have support or might find yourself there in October 2025—with Windows 10 at the end of its life—you’ll need to consider your options.
Again, the complexity of updating Microsoft Windows users to address serious security threats risks being hampered by headline reports of errors in the Windows update process that threaten to cause more problems than they solve.
As Neowin According to reports, Microsoft has now confirmed “another bug that causes blue screens of death in Windows 11 24H2”. This major, annual update that could be Windows 12, given its scope, “has its own list of known bugs and issues, Neowin he says. “Some of these issues are serious enough to cause blue screens of death… Now, however, we have another known bug that causes system crashes.”
There have been wider issues, but this seems to be affecting computers with Voicemeeter installed. As XDA states, “Voicemeeter is the culprit that forced Microsoft to put a ‘compatibility hold’ on Windows 11 PCs using this app. Simply put, computers with the Voicemeeter app installed will not be updated to Windows 11, version 24H2 for now. Be careful, this is a temporary measure.”
If you have a voice meter on your computer, do not force the installation in any way. Microsoft warns that “we recommend that you do not attempt to manually update to version 24H2 using the Windows 11 Installation Assistant or media creation tool until this issue is resolved,” explaining that “after installing Windows 11 version 24H2, you may experience problems with your device if you are running the Voicemeeter app, while using the Voicemeeter app you may notice that your device experiences a blue screen with an error message indicating a MEMORY MANAGEMENT error… To protect your update experience, we have implemented a wait compatibility on devices using this app. These devices will not be offered to install Windows 11, version 24H2 through the Windows Update release channel.”
“Microsoft is not at fault here,” he says XDA. “Thankfully, VB-Audio Software, the company that developed the Voicemeeter app, has started working on a solution, but there is no clarity on how many days it will take for the team to fix the driver compatibility issue.” For those affected users, just make sure you still have the latest Windows update installed, ensuring that security vulnerabilities are patched. Same goes for others who are facing such update issues, including those with Asus devices.
