Windows 10 security flaws leave millions vulnerable

Windows 11 is the latest and top operating strategy from Microsoft, but it has its flaws, truthful overmuch truthful that adjacent 4 years aft its release, immoderate radical are sticking with older versions. Windows 10 remains the operating strategy of prime for many, adjacent though Microsoft has shifted its absorption wholly to Windows 11. In fact, the Redmond-based institution volition extremity information updates for Windows 10 this October.

If that’s not capable to propulsion you toward upgrading, the latest quality mightiness be. The 240 cardinal Windows 10 users are susceptible to dozens of information vulnerabilities, six of which are reportedly already being exploited by atrocious actors.

STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT’S ‘THE CYBERGUY REPORT’ NOW

A idiosyncratic typing connected a Windows laptop (Kurt "CyberGuy" Knutsson)

Critical Windows 10 information flaws exploited

The vulnerabilities successful question were portion of a caller Microsoft Patch Tuesday update, a monthly merchandise wherever the institution addresses information flaws. In this case, six circumstantial exploits were identified arsenic being actively utilized by hackers to people Windows 10 systems. These exploits are peculiarly alarming due to the fact that they are already successful the wild, meaning attackers are leveraging them to compromise systems earlier each users person had a accidental to update their devices. 

The affected population, estimated astatine 240 million, refers to users whose PCs cannot upgrade to Windows 11 owed to hardware limitations, specified arsenic lacking TPM 2.0 (Trusted Platform Module) oregon different strategy requirements.

The six exploits see a premix of flaws that let hackers to execute assorted malicious outcomes, specified arsenic executing arbitrary code, escalating privileges to instrumentality afloat power of a strategy oregon bypassing information features. 

For example, 1 exploit mightiness overload strategy representation to overwrite captious information (a buffer overflow), portion different could let attackers to entree delicate accusation by exploiting a flaw successful the Windows Kernel. These vulnerabilities are particularly unsafe due to the fact that they tin beryllium triggered remotely oregon done seemingly innocuous actions, similar opening a malicious record oregon mounting a compromised virtual hard disk.

Windows laptop (Kurt "CyberGuy" Knutsson)

CLICKFIX MALWARE TRICKS YOU INTO INFECTING YOUR OWN WINDOWS PC

A hole is determination (for now)

Microsoft has released patches to code these issues, and America’s Cyber Defense Agency has urged users to update their systems immediately, ideally by this month, oregon hazard terrible consequences. The bureau adjacent suggested turning disconnected unpatched computers arsenic a precaution. Updating to the latest Windows 10 spot is the simplest and astir effectual mode to support against these exploits close now.

However, a bigger occupation looms aboriginal this year. Microsoft volition officially extremity escaped information updates for Windows 10 connected October 14, 2025. After that, systems moving Windows 10 volition nary longer person captious information patches, unless users enroll successful Microsoft’s Extended Security Updates (ESU) program.

This ESU programme volition beryllium disposable to idiosyncratic users for the archetypal clip and volition outgo $30 per instrumentality for 1 further twelvemonth of updates. It’s designed to springiness users much clip to transition, particularly those who can’t upgrade to Windows 11 owed to hardware limitations. While this offers a impermanent reprieve, it's not a semipermanent solution; the ESU programme volition lone widen enactment for a constricted clip (typically 3 years successful endeavor settings) and prices whitethorn summation annually.

The standard of the occupation remains significant. Millions of devices deficiency the hardware requirements for Windows 11, specified arsenic TPM 2.0 and newer CPUs, making the displacement costly oregon impractical for some. Analysts pass this could lend to a surge successful physics waste, unless recycling and repurposing efforts amended dramatically.

RELENTLESS HACKERS ABANDON WINDOWS TO TARGET YOUR APPLE ID

How to support your Windows devices up to date

If you’re a Windows 10 user, the contiguous measurement is to guarantee your strategy is updated with the latest patches. Follow the steps beneath to bash that:

• Select Start
• Click Settings
• Click Windows Update
• Click Check For Updates
• If a diagnostic update is disposable for your device, it volition look separately connected the Windows update page
• To instal it, click Download and Install now

Windows update (Kurt "CyberGuy" Knutsson)

MICROSOFT SETS MAY END DATE FOR SKYPE AFTER 14-YEAR RUN

3 further ways to enactment harmless from Windows vulnerabilities

1) Use beardown antivirus software: Even with the latest patches, nary strategy is wholly immune to threats. Strong antivirus bundle tin enactment arsenic a 2nd enactment of defense, detecting and neutralizing malware that exploits vulnerabilities earlier they origin harm. Look for solutions with real-time extortion and predominant updates to tackle emerging threats. While this won’t hole unpatched strategy flaws aft October 2025, it tin trim risks from communal onslaught vectors similar phishing oregon malicious downloads. Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices.

2) Limit exposure: Many exploits trust connected idiosyncratic interaction, specified arsenic clicking a shady link, downloading a compromised record oregon mounting an untrusted virtual disk. Stick to reputable websites, debar opening unsolicited email attachments and usage a browser with built-in information features (like Microsoft Edge oregon Chrome with Safe Browsing enabled).

3) Plan for the future: The timepiece is ticking connected Windows 10’s information updates. If your hardware can’t grip Windows 11, measurement your semipermanent options. Buying a caller PC mightiness beryllium inevitable, but you could besides research alternatives similar Linux, which offers free, unafraid operating systems (e.g., Ubuntu oregon Linux Mint) that tally good connected older hardware.

Kurt’s cardinal takeaway

The roadworthy up for Windows 10 users is thing but smooth. With captious vulnerabilities emerging and authoritative enactment coming to an end, millions are being pushed into a hard decision. They tin upgrade their hardware, wage for impermanent patches oregon proceed utilizing progressively susceptible systems. As October draws closer, the risks volition lone increase. Updating your strategy is essential, but it’s conscionable a short-term measure. Now is the clip to commencement preparing for what comes after, earlier the model of extortion closes for good.

Do you deliberation tech companies are doing capable to forestall hackers from obtaining your data? Let america cognize by penning america at Cyberguy.com/Contact.

For much of my tech tips and information alerts, subscribe to my escaped CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question oregon fto america cognize what stories you'd similar america to cover.

Follow Kurt connected his societal channels:

• Facebook
• YouTube
• Instagram

Answers to the most-asked CyberGuy questions:

• What is the champion mode to support your Mac, Windows, iPhone and Android devices from getting hacked?
• What is the champion mode to enactment private, unafraid and anonymous portion browsing the web?
• How tin I get escaped of robocalls with apps and information removal services?
• How bash I region my backstage information from the internet?

New from Kurt:

• Try CyberGuy's caller games (crosswords, connection searches, trivia and more!)
• CyberGuy's exclusive coupons and deals

Copyright 2025 CyberGuy.com. All rights reserved.