Microsoft rushed to release security updates for Windows XP, Server 2003

If you are still using a copy of Windows XP or Windows Server 2003 on networked systems (and both Windows 7, Windows Server 2008 and 2008 R2), pay attention!

If you are still using a copy of Windows XP or Windows Server 2003 on networked systems (and both Windows 7, Windows Server 2008 and 2008 R2), pay attention! Microsoft will release an emergency patch for the above operating systems to prevent a possible vulnerability for remote system exploiters via RDP service, which could lead to a script. as bad as Wannacry 2 years ago.

This vulnerability currently identifies CVE-2019-0708. The method of exploiting the vulnerability is quite simple, the attacker will only need to send a specially created request to the target Remote Desktop Service systems via RDP, thereby executing the remote code on the system. More dangerous, the extraction process can spread from one computer to another quickly, thereby causing the entire system to crash because it can spread without user intervention.

Microsoft rushed to release security updates for Windows XP, Server 2003 Picture 1 Microsoft rushed to release security updates for Windows XP, Server 2003 Picture 1

The Linksys smart Wi-Fi router was found to contain information leaks of connected devices

In a recent report, Microsoft noted that the problem is not in the RDP protocol, but on the service itself:

'Remote Desktop Protocol (RDP) itself is not entirely vulnerable. We recognize that this vulnerability is a form of pre-authentication and does not require user interaction. In other words, this security vulnerability can be classified as 'wormable', meaning that all future malware can exploit it and spread from one computer to another in the same way as the way WannaCry malware spread globally in 2017 before. '

Microsoft rushed to release security updates for Windows XP, Server 2003 Picture 2 Microsoft rushed to release security updates for Windows XP, Server 2003 Picture 2

UC Browser Android - lucrative bait for URL spoofing attacks

Fortunately, this vulnerability has no effect on Windows 8.1 or Windows 10. However, to ensure safety, Microsoft will release an additional security update for the two operating systems.

Back in the case of the older operating systems mentioned at the beginning of the article, you can find the patch for Windows XP and Windows Server 2003 here. Other operating systems are patched through the regular Patch Tuesday cycle.