A newly discovered vulnerability in the commonly used Remote Desktop Services (RDS) that can be abused to create worms or self-spreading malware has prompted Microsoft to create security patches for the obsolete Windows XP and Server 2003 operating systems.
CVE-2019-0708 allows someone sending specially crafted packets to Windows Server's Remote Desktop Services system to run code on it, even if they are not authenticated on the system.
Microsoft mentions that some older Windows OSes will have partial mitigation against the vulnerability if they have Network Level Authentication (NLA) enabled, as NLA requires authentication before the vulnerability can be triggered.More news: 'Bond 25' production 'halted after Daniel Craig suffers injury on set'
There is now no indication that the flaw is already being exploited, but Microsoft said it is "highly likely" that malicious actors will soon write an exploit to incorporate it into malware.
Microsoft said the vulnerability is "wormable", which means attackers could use it to spread malware across devices in a similar manner to the way WannaCry spread in 2017. "It is critically important for organizations and system administrators to apply patches as soon as possible to reduce their risk of compromise". "In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows".
Windows XP and Windows 2003 systems are out of support, and being so aged Microsoft strongly recommends users update to a newer OS.
"Customers running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected".More news: MPs To Vote On Theresa May's Brexit Vote AGAIN Next Month
The remaining 18 critical flaws are for scripting engines and browsers, and while all should be patched there's no evidence as yet that any are being exploited in the wild.
That flaw, spotted by researchers at NCC Group, is a logic vulnerability that can be exploited to gain "remote access to a host's storage via Edge, Internet Explorer, Firefox and Chrome on Microsoft Windows by a malicious Citrix server".
Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 64-Bit (x64) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130).More news: Michigan Legislature votes to ban abortion procedure
- Third of Scottish adults anxious over body image, report finds
- Guardiola beats Klopp to manager of the year award
- IRAN: British Council worker jailed for spying for UK
- Crowned by Burger King, meat replacement company Impossible Foods raises $300 million
- Deepest undersea dive reveals depths of humanity's filth
- Donald Trump's lonely dream of Viktor Orban-like power
- Athletics trade Edwin Jackson to Blue Jays
- Madison Bumgarner's No-Trade List Includes Yankees, Red Sox, Cubs
- Pompeo to Lavrov: Trump Administration doesn't recognize Russia's attempted annexation of Crimea
- Red Dead Redemption 2 Has Shipped Over 24 Million Copies Worldwide