Microsoft has alerted users to a critical bug affecting the Windows 11 24H2 update, which could potentially leave systems vulnerable to security threats.
The issue, identified on December 24, 2024, specifically impacts installations performed using physical media such as CDs or USB flash drives.
The problem arises when users install Windows 11 version 24H2 using media that includes security updates released between October 8 and November 12, 2024.
After installation, affected devices enter a state where they cannot accept further Windows security updates, leaving them potentially exposed to cyber threats.
It’s important to note that this bug does not affect systems that receive updates directly through Windows Update or the Microsoft Update Catalog.
The issue is primarily a concern for businesses, educational institutions, and tech enthusiasts who often use physical media for system updates or fresh installs.
Microsoft’s Response and Mitigation Strategies
Microsoft has acknowledged the severity of the issue and is actively working on a resolution[6]. In the meantime, the company has provided a workaround to mitigate the problem:
- Avoid Affected Media: Users are advised not to install Windows 11 version 24H2 using media that includes the October or November 2024 security updates.
- Use Updated Installation Media: Microsoft recommends creating new installation media that incorporates the December 2024 monthly security update, released on December 10, 2024, or later.
- Reinstallation for Affected Systems: For those who have already installed the affected version, Microsoft suggests a reinstallation using the updated media.
This bug underscores the importance of staying vigilant with system updates and installation methods. Professional users and IT administrators should be particularly cautious when deploying Windows 11 24H2 across multiple systems.
For individual users who have recently installed Windows 11 using physical media, it’s crucial to check the installation date and source.
If the installation falls within the affected period, applying the December 2024 security update via Windows Update or the Microsoft Update Catalog is recommended to restore the system’s ability to receive future security updates.
As the situation develops, users are advised to stay informed through official Microsoft channels and to implement the recommended workarounds to ensure their systems remain secure and up-to-date.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free