Microsoft took the unusual step of releasing a critical security update for unsupported operating systems, including Windows XP and Server 2003.
This indicates that the software flaw is so serious that it could have global repercussions when attacked. It is being compared to the WannaCry malware epidemic of 2017 because of its potential cybersecurity impact.
Attacks can happen with no one logged into the PC or server. All PCs and servers with Windows XP, Windows 7, Windows Server 2003, and Windows Server 2008 must be updated.
Unsupported Windows XP and 2003 require manual update installation.
What Is Affected?
All PCs and servers running...
- Windows XP
- Windows 7
- Windows Vista
- Windows Server 2003
- Windows Server 2008
Any of these systems accessible on the Internet with Remote Desktop Protocol (RDP) are particularly at risk. RDP is enabled by default on all systems.
Remote Desktop Servers/Terminal Servers that are accessible from home are at the highest risk and will likely be the first systems attacked.
Note that Windows 10 is not affected by this security vulnerability. Upgrading PCs or servers to the latest operating system will improve security dramatically and is the preferred method to reduce this and other risks long term.
What is the Impact?
This flaw has been successfully exploited by security researchers and is expected to allow them to remotely take over a PC or server with no username or password.
This type of attack is called a worm because once it infects a single device it can quickly spread to all PCs and servers on the network. In 2017, WannaCry behaved this way and infected 200,000 PCs around the world in two days.
This flaw could have even more wide-reaching impacts. The exploits have not yet been released publicly, but attacks are widely expected to happen soon.
What Should I Do?
- Install the latest security updates immediately for Windows 7 and Server 2008.
- For unsupported operating systems like Windows XP and Windows Server 2003, download and install the special update manually. If you have older systems that have not received updates for several years, they must be identified and updated now.
- If you have publicly accessible Remote Desktop Servers or PCs, then start by updating those, since they are at the highest risk. If you do not need RDP, then disable it on each system and at the firewall.
- Each update will require a reboot and downtime. Integrity is actively installing updates for all supported operating systems.
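One way to carry out the inventory and RDP-disable steps above across the Windows 7 and Server 2008 hosts you can reach with PowerShell remoting (an added example, not Integrity's own script): it assumes WinRM is enabled, that you run it with administrative rights, and that you supply the KB number of the fix, which this page does not list. XP and Server 2003 hosts still need the manual handling described above.

```powershell
# Added example, not part of the original advisory.
# Reports which hosts run an affected OS, whether RDP is enabled, and whether the
# fix is installed; with -DisableRdp it turns RDP off (registry + firewall group)
# on hosts where it is enabled. -PatchKB is a placeholder: the KB id is not on this page.
param(
    [string[]]$ComputerName = @('localhost'),
    [string]$PatchKB = 'KB-PLACEHOLDER',   # replace with the KB id of the CVE-2019-0708 fix
    [switch]$DisableRdp
)

# OS families listed under "What Is Affected?" (matched as substrings of the OS caption)
$affected = 'Windows XP', 'Windows Vista', 'Windows 7', 'Server 2003', 'Server 2008'

foreach ($c in $ComputerName) {
    Invoke-Command -ComputerName $c -ArgumentList $affected, $PatchKB, [bool]$DisableRdp -ScriptBlock {
        param($affected, $PatchKB, $disable)
        # Get-WmiObject works on the PowerShell 2.0 that ships with Windows 7 / 2008
        $os = (Get-WmiObject Win32_OperatingSystem).Caption
        $isAffected = [bool]($affected | Where-Object { $os -like "*$_*" })

        # fDenyTSConnections = 0 means Remote Desktop connections are allowed
        $tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
        $rdpEnabled = (Get-ItemProperty $tsKey).fDenyTSConnections -eq 0
        $patched = [bool](Get-HotFix -Id $PatchKB -ErrorAction SilentlyContinue)

        if ($disable -and $rdpEnabled) {
            Set-ItemProperty $tsKey -Name fDenyTSConnections -Value 1
            # block the built-in "Remote Desktop" firewall rule group as well
            netsh advfirewall firewall set rule group="remote desktop" new enable=no | Out-Null
            $rdpEnabled = $false
        }

        $action = 'ok'
        if ($isAffected -and -not $patched) { $action = 'PATCH NOW' }
        if ($isAffected -and $rdpEnabled)   { $action = "$action (RDP exposed)" }

        New-Object PSObject -Property @{
            Computer   = $env:COMPUTERNAME
            OS         = $os
            Affected   = $isAffected
            RdpEnabled = $rdpEnabled
            Patched    = $patched
            Action     = $action
        }
    }
} | Sort-Object Action -Descending | Format-Table -AutoSize
```

Run it read-only first to build the list of exposed hosts, then rerun with -DisableRdp only against the systems where RDP is confirmed to be unnecessary.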
If you have questions about your specific security posture, please reach out to your Integrity Strategic Business Advisor for guidance.
Further technical details on this security vulnerability can also be found at the links below:
2019/05/microsoft-patches-wormable-flaw-in-windows-xp-7-and-windows-2003/
microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/