Microsoft is urging its those users with older versions of its operating system to update their operating system in order to thwart a Windows security exploit discovered in early May this year. Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC) writes on the company’s official blog that the company has released a fix for a critical Remote Code Execution vulnerability CVE-2019-0708 in Remote Desktop Services. “nearly one million computers connected directly to the internet are still vulnerable to CVE-2019-0708,” writes Pope. The company notes that Windows 8 and Windows 10 are not affected by this vulnerability.
Microsoft has said that the CVE-2019-0708 vulnerability is ‘wormable’ and future malware that would exploit the vulnerability. This means that the malware might be able to propagate between computers in a manner similar to how the WannaCry malware spread a few years ago.
“It's been only two weeks since the fix was released and there has been no sign of a worm yet. This does not mean that we’re out of the woods. If we look at the events leading up to the start of the WannaCry attacks, they serve to inform the risks of not applying fixes for this vulnerability in a timely manner,” Pope notes.
Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008, while Windows 2003 and Windows XP are vulnerable systems that are no longer supported by the company.
from Latest Technology News http://bit.ly/30ZBYKh
No comments:
Post a Comment