Microsoft Urging Updates on Old Versions to Prevent Malware Attack

By:  |  Category: Blog, Security Wednesday, May 15th, 2019  |  No Comments

Microsoft is preemptively trying to get ahead of another WannaCry-style malware attack before it hits. Currently, they have released fixes for a Remote Desktop Services (aka Terminal Services) vulnerability that could allow “wormable” malware that spreads from computer to computer without requiring any user input. According to Engadget, “The exploit affects Windows 7, Windows Server 2008 R2 and older releases. Not surprisingly, Microsoft isn’t taking any chances. While it’s no longer officially supporting Windows XP and Windows Server 2003, it’s patching both platforms to prevent ancient PCs (like those used in some business and government scenarios) from falling prey to attacks.”

Microsoft insists they have seen “no exploitation” ahead of the patch, although it was “highly likely” that malware writers would, given enough time, use the security hole. Systems that have Network Level Authentication have a higher level of defense, since they require credentials before the flaw is usable.

“This vulnerability is pre-authentication and requires no user interaction,” explains Simon Pope, director of incident response at Microsoft’s Security Response Center. “In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.”

Microsoft is smart to get ahead of this. WannaCry devastated PCs globally, including the UK’s health care system, and Microsoft doesn’t want to risk contributing to the issue by leaving systems unpatched. Even with the big push, there’s no guarantee a crisis will be averted because companies dawdle to do system updates. Let’s hope Microsoft can get businesses onboard before another malware attack hits.

If you need assistance with your network security give EnhancedTECH a call at 714-970-9330 or contact us at [email protected]

Leave a Comment
Read previous post:
IT Costs
Are IT Costs Holding Back Your Business?

In order to continuously provide value to their oil and gas customers, SitePro needed a system that was quick for...