Breaking News

Leica Ultravid 8x32 HD-Plus Special Edition in brown leather BIOSTAR INTRODUCES THE BIRPL-PAT INDUSTRIAL MOTHERBOARD Sony Electronics and The Associated Press complete testing of advanced In-Camera authenticity technology TEAMGROUP Launches T-FORCE SIREN GD120S AIO SSD Cooler - An Exceptional AIO M.2 2280 SSD Liquid Cooler COUGAR Introduces the Hotrod – a motorsports-inspired gaming chair designed to support extreme gaming performance

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

Microsoft Patches Older Versions of Windows Against Wormable Windows Bug

PC components May 15,2019 0

Microsoft is taking an unusual step of patching Win 2003 and XP against a high-severity vulnerability, with Windows 7, Server 2008 and 2008 R2 to be also vulnerable.

The fixes aim a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While Microsoft has observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

Microsoft says that affected systems should be patched as quickly as possible to prevent such a scenario from happening.

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide.

Out-of-support systems include Windows 2003 and Windows XP. If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, Microsoft is making fixes available for these out-of-support versions of Windows in KB4500705.

Users running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected.

There is partial mitigation on affected systems that have Network Level Authentication (NLA) enabled. The affected systems are mitigated against ‘wormable’ malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker has valid credentials that can be used to successfully authenticate.

Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008

Links to downloads for Windows 2003 and Windows XP

Tags: MicrosoftSecurityWindows XPWindows 7
Previous Post
Intel Reveals New Chip Security Flaw
Next Post
Cadence Announces New Memory Standard Support in Samsung Foundry’s Advanced Process Technologies

Related Posts

  • Activision Blizzard King to Team Xbox

  • NVIDIA Studio Lineup Adds RTX-Powered Microsoft Surface Laptop Studio 2

  • Samsung and Microsoft Unveil First On-Device Attestation Solution for Enterprise

  • Introducing Xbox Game Pass Core, Coming This September

  • Announcing the next wave of AI innovation with Microsoft Bing and Edge

  • Microsoft Announces Security Copilot AI

  • Microsoft breaks new ground in healthcare with the next evolution of AI

  • ChatGPT is now available in Azure OpenAI Service

Latest News

Leica Ultravid 8x32 HD-Plus Special Edition in brown leather
Consumer Electronics

Leica Ultravid 8x32 HD-Plus Special Edition in brown leather

BIOSTAR INTRODUCES THE BIRPL-PAT INDUSTRIAL MOTHERBOARD
Enterprise & IT

BIOSTAR INTRODUCES THE BIRPL-PAT INDUSTRIAL MOTHERBOARD

Sony Electronics and The Associated Press complete testing of advanced In-Camera authenticity technology
Cameras

Sony Electronics and The Associated Press complete testing of advanced In-Camera authenticity technology

TEAMGROUP Launches T-FORCE SIREN GD120S AIO SSD Cooler - An Exceptional AIO M.2 2280 SSD Liquid Cooler
Cooling Systems

TEAMGROUP Launches T-FORCE SIREN GD120S AIO SSD Cooler - An Exceptional AIO M.2 2280 SSD Liquid Cooler

COUGAR Introduces the Hotrod – a motorsports-inspired gaming chair designed to support extreme gaming performance
Gaming

COUGAR Introduces the Hotrod – a motorsports-inspired gaming chair designed to support extreme gaming performance

Popular Reviews

Pioneer BDR-S13U-X Blu-Ray Recorder

Pioneer BDR-S13U-X Blu-Ray Recorder

Arctic Liquid Freezer II 360 Α-RGB

Arctic Liquid Freezer II 360 Α-RGB

Pioneer BDR-X13U-S

Pioneer BDR-X13U-S

Pioneer BDR-XD08UMB-S External Blu-Ray Recorder

Pioneer BDR-XD08UMB-S External Blu-Ray Recorder

Verbatim External 4K Slimline Blu-Ray Recorder

Verbatim External 4K Slimline Blu-Ray Recorder

Surefire KINGPIN M2 Keyboard

Surefire KINGPIN M2 Keyboard

Samsung 970 EVO Plus 2TB NVME SSD

Samsung 970 EVO Plus 2TB NVME SSD

Crucial X8 4TB PortableSSD

Crucial X8 4TB PortableSSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed