Microsoft Warning: Patch 'Old' Versions of Windows
"We strongly advise that all affected systems should be updated as soon as possible."
That's the message from Microsoft concerning a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services (formerly known as Terminal Services) that is able to infect older versions of Windows - Windows XP, Windows Vista, Windows 7, Windows 2003, Windows 2008 and Windows 2008 R2 (patches have been made available for all these).
The nature of the vulnerability (also known as BlueKeep) means it is able to self-replicate and spread to other computers in a network, and attackers can remotely run code on infected computers. Any malware that could exploit the vulnerabiltiy could have the same effect as WannaCry.
Many are yet to take heed of Microsoft's alert to update their software, even though the vulnerability and accompanying warnings were first made public during Microsoft's Patch Tuesday updates on May 14.
"If recent reports are accurate, nearly one million computers connected directly to the internet are still vulnerable. It only takes one vulnerable computer connected to the internet to provide a potential gateway into corporate networks, where advanced malware could spread, infecting computers across the enterprise," said Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC).
Pope also warned that because there have been no attacks so far, it isn't reason to be complacent.
"It's been only two weeks since the fix was released and there has been no sign of a worm yet. This does not mean that we're out of the woods. It's possible that we won't see this vulnerability incorporated into malware. But that's not the way to bet."
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.
