Engineer and coder that likes memes.

  • 4 Posts
  • 69 Comments
Joined 2 years ago
cake
Cake day: July 29th, 2023

help-circle


  • See an example here:

    Microsoft said both issues could allow attackers to execute code with elevated privileges, although there are currently no indications on how they are being exploited and how widespread these efforts may be. In the case of CVE-2025-24990, the company said it’s planning to remove the driver entirely, rather than issue a patch for a legacy third-party component.

    The security defect has been described as “dangerous” by Alex Vovk, CEO and co-founder of Action1, as it’s rooted within legacy code installed by default on all Windows systems, irrespective of whether the associated hardware is present or in use.

    New attack vectors are found constantly. Having no support can very likely result in a system that can be automatically breached in a few weeks to months.

    As long as you don’t have a public IP on your device and are in a trusted network you should be fine. But if you use a public wifi or somehow expose a port to the internet you’re increasingly vulnerable for each day after the last security update.











  • prof@infosec.pubtoTechnology@lemmy.world*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    27
    ·
    4 months ago

    EOL means no more security updates, which means attack vectors don’t get patched.

    If you keep using a Windows installation (or any OS for that matter) that isn’t patched regularly you are very likely to be victim to some malicious actor eventually. It’s not manual hacking anymore, it’s bots scraping the whole internet exploiting known vulnerabilities completely automated.

    The risk is much lower if you’re in a home network with NAT, where your PCs IP is not publicly reachable, but if you communicate with any webservices you’re still vulnerable.

    As example. If you nowadays put a Windows XP machine live on the internet with a public IP, it will be compromised within minutes.

    So yeah. Good call switching to Mint, but please don’t use unpatched Windows.








  • That’s a tough question and I don’t really have am answer.

    But if it’s work related I’d look into finding a Windows SysAdmin course somewhere and ask my employer to pay for it, since it helps with your work.

    A cheaper alternative would be online courses. I found Udemy quite helpful in that regard.

    Another possibility is Microsoft Learn, which offers basic to professional “Learning paths” you can do on your own time. There’s also a SysAdmin certification available if I recall correctly.

    Edit, since I just reread your post: Microsoft Learn is almost completely about Azure. So you should really take a look at it.