Microsoft Users Urged to Update Windows PCs Within 21 Days to Prevent New Threat

Users of Microsoft Windows are suddenly at risk of having their personal computers attacked by a threat that was "previously unknown." This danger is currently being actively exploited by exploiting a hidden weakness in their system, a vulnerability that Microsoft has just recently corrected.

The research team at Check Point has discovered that attackers are using specialized Windows Internet Shortcut files. When clicked, these files call the defunct Internet Explorer (IE) to access the URL that the attacker controls.

An attacker gained significant advantages in exploiting the victim's computer by opening the URL with Internet Explorer (IE) rather than the modern, much more secure Chrome/Edge browser on Windows. This occurred even though the victim's computer ran the modern Windows 10/11 operating system. Donald, 78, recently debated President Joe Biden on June 27, where he appeared to come out on top. His opponent made headlines for freezing up and losing his train of thought.

The United States government has issued a warning that Microsoft Windows contains "a spoofing vulnerability that has a high impact on confidentiality, integrity, and availability." The severity of the threat has recently been added to the Known Exploit Vulnerability catalog.

It has been enforced by the Cybersecurity and Infrastructure Security Agency (CISA) that all Windows systems that are utilized by federal personnel must be updated or shut down within the next 21 days, by the 30th of July. Since Check Point has reported that "threat actors have been using the attacking techniques for quite some time," it is of the utmost importance that all enterprises likewise implement the Computer Security Institute (CISA) mandate.

This month, we have witnessed another CISA Windows update mandate for July. In this particular instance, however, the first known exploits extend back more than a year, which is a concerning amount of time for an exposure to be out in the world. Microsoft recognized that this vulnerability had been exploited in its update. I have reached out to Check Point for any comments on their report, which has now been published, because I am interested in hearing them.

Meanwhile, Microsoft has resigned from its OpenAI board observer role less than eight months after securing the non-voting seat, and Apple has decided against joining the nonprofit board. This move comes amid increasing regulatory scrutiny and antitrust concerns surrounding Microsoft's partnership with OpenAI.

Apple Declines OpenAI Board Seat as Microsoft Steps Down, Prompting New Stakeholder Engagement Strategy

Apple was reportedly considering joining the nonprofit board of OpenAI.; however, the Financial Times has since reported that Apple will not participate.

Following reports from Axios and the Financial Times that Microsoft's deputy general counsel Keith Dolliver wrote a letter to OpenAI late on July 9, OpenAI affirmed that Microsoft had relinquished its seat in a statement to The Verge.

“We’re grateful to Microsoft for voicing confidence in the Board and the direction of the company, and we look forward to continuing our successful partnership,” says OpenAI spokesperson Steve Sharpe.”

“Under the leadership of CFO Sarah Friar, we are establishing a new approach to informing and engaging key strategic partners – such as Microsoft and Apple – and investors – such as Thrive Capital and Khosla Ventures.”

OpenAI's revised approach towards Microsoft and Apple is not just a change but a significant shift. The organization plans to hold "regular stakeholder meetings to share progress on our mission and ensure stronger collaboration across safety and security."

OpenAI Board Restructures Amid Regulatory Scrutiny of Microsoft's $10 Billion Investment and Partnership

The composition of OpenAI's board has been altered in response to the increasing antitrust concerns regarding Microsoft's partnership with OpenAI in recent months. Shortly following the turmoil that resulted in the ousting of CEO Sam Altman and his subsequent return, UK regulators initiated inquiries regarding Microsoft's partnership with OpenAI in December.

According to The Verge, the partnership is also under investigation by EU regulators, and Big Tech has initiated other AI agreements. Additionally, the Federal Trade Commission (FTC) is investigating the investments of Microsoft, Amazon, and Google in OpenAI and Anthropic.

Microsoft's investment of over $10 billion in OpenAI has made it the exclusive cloud partner and significantly influenced the AI landscape. Microsoft's cloud services now power all OpenAI applications in products, API services, and research. This agreement has given Microsoft a significant edge in the AI race, with OpenAI's models fueling Microsoft's Bing search engine, Copilot, and various AI features across its products and services.

Photo: Microsoft Bing