UPDATED 23:56 EDT / MAY 14 2019


Microsoft offers security update to fix critical issue in older Windows systems

Microsoft Corp. Tuesday released a security update for unsupported operating systems to fix a serious, previously unknown vulnerability.

The vulnerability is a remote code execution flaw in Remote Desktop Services that is present in versions of Microsoft Windows dating back to Windows XP and is also found in Windows Server 2003. Microsoft dropped support for Windows XP in 2014 and for Server 2003 in 2015, but the flaw was judged so concerning that the company decided to issue both a patch and a separate security warning.

“This vulnerability is pre-authentication and requires no user interaction,” Microsoft said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.”

Satnam Narang, senior research engineer at Tenable Inc., explained to SiliconANGLE that the vulnerability allows an unauthenticated attacker to target vulnerable systems with Remote Desktop Protocol enabled.

An attacker “could exploit this flaw to gain remote code execution” and is likely to be “exploited in the wild in the near future as attackers develop exploit code,” Narang said. “It is critically important for organizations and system administrators to apply patches as soon as possible to reduce their risk of compromise.”

Although the advisory lists Windows 7, Windows Server 2008 and Windows Server 2008 R2 as affected, Microsoft is also releasing updates for out-of-support systems, including Windows XP and Windows Server 2003.

Recorded Future Inc. Senior Solutions Architect Allan Liska also emphasized the importance of installing the security update. The vulnerability, he said, “should be the highest priority patching because, in addition to the wormable capabilities in this exploit, many modern ransomware variants, such as Dharma, Robbinhood, and CrySIS, often use vulnerable RDP servers to gain access to victim networks. This vulnerability will make that process even easier.”

The patch came as part of Microsoft’s monthly Patch Tuesday, which in May addressed 22 critical vulnerabilities.

Those running Windows XP or Server 2003 at an enterprise level can obtain a security patch here.

Image: kisocci/Flickr
