Author Topic: Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003  (Read 27 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3612
    • View Profile
Author: Brian Krebs

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

The vulnerability (CVE-2019-0708) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates.

Microsoft said the company has not yet observed any evidence of attacks against the dangerous security flaw, but that it is trying to head off a serious and imminent threat.

full article here:https://krebsonsecurity.com/2019/05/microsoft-patches-wormable-flaw-in-windows-xp-7-and-windows-2003/
Vipre Advance Security
VoodooShield 4.7.2
Trojan Remover

Offline Hardhead

  • Administrator
  • Hero Member
  • *****
  • Posts: 822
    • View Profile
Here's a little more information if anyone is still running these OS's.

https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide. Customers who use an in-support version of Windows and have automatic updates enabled are automatically protected. 

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Resources
Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Links to downloads for Windows 2003 and Windows XP
https://support.microsoft.com/help/4500705