Breaking News

Viltrox Announces AF 15mm F1.7 Air MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case COLORFUL Launches Rimbook Series Laptops Circular Smart Rings Offer Early Detection of Sickness Symptoms

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

PC components May 15,2019 0

Microsoft is taking an unusual step of patching Win 2003 and XP against a high-severity vulnerability, with Windows 7, Server 2008 and 2008 R2 to be also vulnerable.

The fixes aim a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While Microsoft has observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

Microsoft says that affected systems should be patched as quickly as possible to prevent such a scenario from happening.

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide.

Out-of-support systems include Windows 2003 and Windows XP. If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, Microsoft is making fixes available for these out-of-support versions of Windows in KB4500705.

Users running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected.

There is partial mitigation on affected systems that have Network Level Authentication (NLA) enabled. The affected systems are mitigated against ‘wormable’ malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker has valid credentials that can be used to successfully authenticate.

Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008

Links to downloads for Windows 2003 and Windows XP

Tags: MicrosoftSecurityWindows XPWindows 7
Previous Post
Intel Reveals New Chip Security Flaw
Next Post
Cadence Announces New Memory Standard Support in Samsung Foundry’s Advanced Process Technologies

Related Posts

  • Snapdragon X Series is the Exclusive Platform to Power the Next Generation of Windows PCs with Copilot+ Today

  • Activision Blizzard King to Team Xbox

  • NVIDIA Studio Lineup Adds RTX-Powered Microsoft Surface Laptop Studio 2

  • Samsung and Microsoft Unveil First On-Device Attestation Solution for Enterprise

  • Introducing Xbox Game Pass Core, Coming This September

  • Announcing the next wave of AI innovation with Microsoft Bing and Edge

  • Microsoft Announces Security Copilot AI

  • Microsoft breaks new ground in healthcare with the next evolution of AI

Latest News

Viltrox Announces AF 15mm F1.7 Air
Cameras

Viltrox Announces AF 15mm F1.7 Air

MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop
Consumer Electronics

MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop

GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case
Cooling Systems

GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case

COLORFUL Launches Rimbook Series Laptops
Enterprise & IT

COLORFUL Launches Rimbook Series Laptops

Circular Smart Rings Offer Early Detection of Sickness Symptoms
Consumer Electronics

Circular Smart Rings Offer Early Detection of Sickness Symptoms

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

be quiet! Pure Base 501

be quiet! Pure Base 501

Terramaster F8-SSD

Terramaster F8-SSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed