DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
November 30, 2020 
Main Menu
News archives

Who's Online
There are currently 164 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Microsoft patches Windows XP and others to prevent new WannaCry-like outbreak

Posted on Wednesday, May 15 2019 @ 11:54:39 CEST by

MSFT logo
In a surprising move, Microsoft rolled out a security patch for unsupported versions of Windows. This security issue in Windows Remote Desktop Services exclusively affects older versions of Windows, Windows 8 and newer are not vulnerable.

In order to prevent a new WannaCry-like attack, the software giant has rolled out patches for not only Windows 7 and Windows Server 2008/2008 R2, but also Windows XP and Windows Server 2003, which hit the end of their life cycle years ago.

Microsoft has no evidence that the security flaw was actively abused by hackers, but decided action was needed because the risk was too great. The attack did not require user interaction and was relatively simple to exploit, merely the act of sending a few specially crafted packets to a system with the RDP service enabled was enough for infection.
“This vulnerability is pre-authentication and requires no user interaction,” Simon Pope, director of incident response at the Microsoft Security Response Center, wrote in a published post that coincided with the company’s May Update Tuesday release. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
Users running these operating systems on Internet-connected machines should update immediately.

Via: ARS Technica



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2020 DM Media Group bvba