Microsoft's first Windows XP patch in years is a very bad sign




This week, Microsoft released patches for 79 flaws across its platforms and products. One of them deserves special attention: a bug so serious that Microsoft has released a fix for it on Windows XP, an operating system that it officially abandoned five years ago.

There may be no better sign of a vulnerability's severity. The last time Microsoft bothered to release a fix for Windows XP was a little over two years ago, in the months leading up to the WannaCry ransomware attack. This week's vulnerability has equally devastating consequences. In fact, Microsoft itself has drawn a direct parallel.

"Any future malware that exploits this vulnerability could spread from vulnerable computer to vulnerable computer in the same way as the worldwide malware WannaCry," said Simon Pope, director of incident response at the Microsoft Security Response Center, in announcing the patch on Tuesday. "It is very likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware."

Microsoft is understandably withholding details about the bug, noting that it has not yet seen an attack in action and that the flaw concerns Remote Desktop Services, a feature that lets administrators take control of a machine from another computer on the same network.

This small piece of information, however, still gives potential attackers enough to go on. "Even mentioning that the area of interest is the Remote Desktop Protocol is enough to discover the vulnerability," says Jean Taggart, senior security researcher at the security company Malwarebytes.

Expect this to happen quickly. "It will be fully automated in the next 24 to 48 hours and exploited by a worm," said Pieter Danhieux, CEO of Secure Code Warrior, a secure coding platform, referring to the class of malware that can spread across a network without any human interaction, such as clicking the wrong link or opening the wrong attachment. Like The Blob, it spreads.

Once such a worm has given hackers access to these devices, the possibilities are relatively limitless. Danhieux considers ransomware a probable path; Taggart ticks off spam campaigns, DDoS and data collection as possibilities. "Make your choice," he adds. "A lot to say, a lot."

That said, computers running Windows 8 are not affected. But it is important not to underestimate the danger that Windows XP computers can still pose. Estimates vary, but the analytics company Net Marketshare reports that 3.57 percent of desktops and laptops still run Windows XP, which was released in 2001. Even so, there are still tens of millions of Windows XP-based devices, more than run the most recent version of macOS. In addition, you can be sure that almost none of these computers are ready for what is coming.

"When working with patches, it's a balancing act."

Richard Ford, Forcepoint

Yes, many Windows XP users are just people who have not dusted their Dell Dimension towers since the last Bush administration. It seems unlikely that they will start installing this latest fix, especially since you have to search for it, download it and install it yourself. It's hard enough to get people to update modern systems with their incessant popups; we imagine that those who still use Windows XP are in no hurry to consult the Microsoft Update catalog.

More disturbing, though, are the countless businesses and infrastructure operators that still rely on Windows XP. As recently as 2016, even nuclear submarines had it on board. For the most sensitive use cases, such as nuclear weapons, companies and governments pay Microsoft for ongoing security support. But the majority of hospitals, businesses, and industrial facilities that have Windows XP in their systems do not. And for many of them, upgrading, or even installing a fix, is harder than it might seem.

"It's difficult to connect computers to industrial control networks because they often control large-scale physical processes such as oil refining and power generation," says Phil Neray, vice president of industrial cybersecurity at CyberX, a security company focused on IoT and ICS. A recent CyberX study indicates that more than half of industrial sites run unsupported Windows machines, making them potentially vulnerable. There are not many opportunities to test the impact of a patch on these types of systems, let alone interrupt operations to install it.

This is also true for health systems, where the process of updating critical software could disrupt patient care. Other companies use specialized software that is incompatible with the latest versions of Windows; in practice, they are trapped on XP. And while the best way to protect yourself from this latest vulnerability (and the countless others that currently weigh on unsupported operating systems) is to upgrade to the latest version of Windows, cash-strapped enterprises tend to prioritize other needs.

Hopefully, Microsoft's extraordinary step of issuing a patch will prompt many to take action. It's hard to imagine a louder siren. "When you work with patches, it's a good balance between the costs of these patches and those of leaving them alone, or simply asking users to upgrade their software," says Richard Ford, chief scientist at the cybersecurity company Forcepoint. "They would know both the security risk and the reputational risk of not aggressively attacking this vulnerability. Gather all these elements, and when the stars align, it makes sense to provide the fix quickly, safely and even for unsupported operating systems."

The coming weeks and months, however, should show just how wide the gap is between providing a patch and getting users to install it. An attack on Windows XP is at this stage inevitable. And the fallout could be worse than you would have guessed.

