Breaking News

Fujifilm Launches New FUJINON Techno Stabi TS-X 1440 Binoculars Volkswagen and IBM Are Researching Autonomous Driving in Urban Space These Were the Top Songs, Artists, Playlists, and Podcasts on Spotify of 2019 Google Stadia Launches New Game Store Apple Says iPhone 11’s U1 Chip Has to Constantly Perform Geolocation Checks

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

PC components May 15,2019 0

Microsoft is taking an unusual step of patching Win 2003 and XP against a high-severity vulnerability, with Windows 7, Server 2008 and 2008 R2 to be also vulnerable.

The fixes aim a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While Microsoft has observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

Microsoft says that affected systems should be patched as quickly as possible to prevent such a scenario from happening.

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide.

Out-of-support systems include Windows 2003 and Windows XP. If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, Microsoft is making fixes available for these out-of-support versions of Windows in KB4500705.

Users running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected.

There is partial mitigation on affected systems that have Network Level Authentication (NLA) enabled. The affected systems are mitigated against ‘wormable’ malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker has valid credentials that can be used to successfully authenticate.

Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008

Links to downloads for Windows 2003 and Windows XP

Tags: MicrosoftSecurityWindows XPWindows 7
Previous Post
Intel Reveals New Chip Security Flaw
Next Post
Cadence Announces New Memory Standard Support in Samsung Foundry’s Advanced Process Technologies

Related Posts

  • Microsoft Store Cyber Monday Deals

  • Microsoft Store Black Friday Deals Start Today

  • Microsoft Allowed to Export Software to Huawei

  • Microsoft Surface Earbuds Launch Pushed Back For Spring 2020

  • Google Will Pay $1 Million to Anyone Who Hack the Pixel Phones

  • NVIDIA and Microsoft to Aid AI Startups

  • Microsoft and Salesforce Expand Their Cloud Partnership

  • Project Silica Concept Stores Warner Bros. ‘Superman’ Movie on Glass

0 Comments

Leave a Reply

More information about text formats

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

BBCode

  • No HTML tags allowed.
  • You may use these tags: [abbr], [acronym], [b], [center], [code], [color], [define], [font], [h1], [h2], [h3], [h4], [h5], [h6], [hr], [i], [img], [justify], [left], [list], [node], [php], [quote], [right], [s], [size], [sub], [sup], [u], [url], [wikipedia], [youtube], [align], [link], [ol], [ul]
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.

Latest News

Fujifilm Launches New FUJINON Techno Stabi TS-X 1440 Binoculars
Consumer Electronics

Fujifilm Launches New FUJINON Techno Stabi TS-X 1440 Binoculars

Volkswagen and IBM Are Researching Autonomous Driving in Urban Space
Enterprise & IT

Volkswagen and IBM Are Researching Autonomous Driving in Urban Space

These Were the Top Songs, Artists, Playlists, and Podcasts on Spotify of 2019
Enterprise & IT

These Were the Top Songs, Artists, Playlists, and Podcasts on Spotify of 2019

Google Stadia Launches New Game Store
Gaming

Google Stadia Launches New Game Store

Apple Says iPhone 11’s U1 Chip Has to Constantly Perform Geolocation Checks
Smartphones

Apple Says iPhone 11’s U1 Chip Has to Constantly Perform Geolocation Checks

Popular Reviews

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

CeBIT 2005

CeBIT 2005

Club3D HD3850

Club3D HD3850

CeBIT 2006

CeBIT 2006

LiteOn iHBS112 review

LiteOn iHBS112 review

Crucial P1 NVMe 1TB SSD review

Crucial P1 NVMe 1TB SSD review

Hitachi DZ-MV100A DVD Camcorder

Hitachi DZ-MV100A DVD Camcorder

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed