PTA Issues Warning on Windows 11 24H2 Security Vulnerability

The Pakistan Telecommunication Authority (PTA) has issued a cybersecurity advisory following Microsoft’s warning about a critical vulnerability in Windows 11 version 24H2. The flaw affects devices installed using outdated physical media, rendering them incapable of receiving future security updates. This vulnerability could expose systems to potential cyber threats if not promptly addressed.

According to the advisory, the issue primarily impacts IT professionals, system administrators, and educational institutions that rely on DVDs or USB drives for installing or updating Windows. Devices updated through online methods such as Windows Update or the Microsoft Update Catalog remain unaffected. Microsoft has classified the issue as a high-severity vulnerability with an attack vector linked to the use of obsolete installation media.

To mitigate the risks, PTA advises against using installation media that includes updates from October or November 2024. Instead, users are urged to create new installation media that includes the December 2024 security patch or a later version. For systems already affected, Microsoft recommends a complete reinstallation using the updated media to restore proper update functionality.

The advisory also outlines broader cybersecurity measures, including monitoring network traffic for irregular activity and communications with known malicious IP addresses or domains. Additionally, organizations are urged to maintain updated antivirus and anti-malware software and implement multi-layered defenses across all endpoints.

Emphasizing the importance of user awareness, the PTA highlights the need for regular employee training on cybersecurity practices. These include recognizing phishing attempts, practicing secure browsing habits, and ensuring vigilance when handling external devices. The advisory serves as a timely reminder of the growing complexities of system vulnerabilities and the need for proactive defense strategies.