Microsoft warns of a major Windows security vulnerability similar to WannaCry and releases patches for XP



[ad_1]

Microsoft is asking users of older versions of Windows to urgently apply a Windows update today to protect against a possible widespread attack. The software giant has fixed a critical remote code execution vulnerability in the existing remote desktop services in Windows XP, Windows 7, and server versions such as Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. Microsoft takes the highly unusual approach of publishing patches for Windows XP and Windows Server 2003, even though both operating systems are no longer supported.

"This vulnerability is pre-authentication and does not require any user interaction," said Simon Pope, director of incident response at Microsoft's Security Response Center. In other words, the vulnerability is "vermicular", which means that any future malicious program that exploits it could spread from a vulnerable computer to a vulnerable computer in the same way as the WannaCry malware, spread around the world. in 2017. "

Microsoft claims to have not observed exploits of this vulnerability, but now that the patches are released, there is only a matter of time before the attackers reverse-engineer the patches from Microsoft and create malware. Fortunately, Windows 8 and Windows 10 computers are not affected by this vulnerability. Although Windows 10 is now more popular than Windows 7, there are still millions of machines running Windows 7, so a possible attack could prove very troublesome.

Microsoft broke with its tradition of not providing patches for Windows operating systems that were no longer supported when thousands of computers in more than 100 countries were affected by a malicious program known as WannaCry. The malware used the flaws of older versions of Windows to encrypt the computers and demand a ransom of $ 300 before unlocking it. Microsoft clearly wants to avoid another WannaCry server, even if it says that "the best way to fix this vulnerability is to upgrade to the latest version of Windows."

[ad_2]

Source link