Patch old Windows systems or risk a computer worm




Microsoft is trying to prevent the emergence of a computer worm by urging users of older Windows systems to patch their computers.

Redmond has discovered a serious flaw in Windows 7, Windows XP, Windows Server 2003 and 2008 systems, which could be exploited to create malware that can automatically spread from one vulnerable computer to another.

"Although we have not seen any exploitation of this vulnerability, it is very likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware," said Microsoft.

This vulnerability affects the Windows Remote Desktop Services feature, which can allow a user to take control of the machine over a network. Companies often choose to enable the feature on PCs and servers to remotely control them.

Normally, access requires a correct username and password. However, Microsoft has discovered that an "unauthenticated attacker" can install malware on a Windows computer through Remote Desktop Services by sending specially crafted data packets.

"An attacker could then install programs, view, modify or delete data, or create new accounts with full user rights," said Microsoft in its vulnerability notice.

The bug also does not require any interaction from the owner of the affected Windows machine. So theoretically, an attacker could scan the Internet to find additional machines to target. An estimated 3 million Remote Desktop Protocol endpoints are exposed to the Internet, according to security researcher Kevin Beaumont, citing data from the Shodan device search engine.

Fortunately, Windows 10 and Windows 8 are safe from the threat. The attack will also not work on machines with Remote Desktop Services disabled, according to Microsoft. The problem is probably less serious for consumers than for businesses, which tend to run larger fleets of older Windows machines.

However, the newly discovered vulnerability is so severe that Microsoft warns it could pave the way for another attack similar to WannaCry, which took control of hundreds of thousands of Windows PCs around the world in 2017. Windows Server 2003 and XP, which it no longer supports.

Microsoft is also delivering patches to Windows 7 and Windows Server 2008 systems that have automatic updates enabled.

Editor's note: This story has been updated with Microsoft's comments on how disabling Remote Desktop Protocol will prevent the threat.


This article was originally published on PCMag.
