<img src="https://secure.leadforensics.com/69529.png" style="display:none;"> Apogee IT Services
Blog  |  FAQ
  • Apogee Aim Higher Website header
    What's going on in IT.

Microsoft Urgently Provides Patch Against Major Vulnerability

Posted on May 17, 2019
  
microsoft

Microsoft issued a patch Tuesday to mend a “critical” vulnerability to remote desktop services. The severity of this vulnerability hasn’t been seen since WannaCry infected 230,000 computers in 150 countries two years ago.

The patch covers Windows XP, Windows 2003, Windows 7, Windows 8 R2 and Windows Server 2008. Users running Windows 8 and Windows 10 are not affected.

This vulnerability requires no user interaction. It’s described by Microsoft director of incident response Simon Pope as “wormable,” meaning that any future malware that exploits this vulnerability could propagate from one computer to another the way WannaCry proliferated globally in 2017.

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware,” Pope wrote in his blog. Pope stressed that systems should be patched “as quickly as possible.”

Downloads for in-support versions of Windows can be acquired in the Microsoft Security Update Guide. Those who have automatic updates enabled on their in-support version of Windows are protected.

Microsoft suggests users running out-of-support systems Windows 2003 and Windows XP to upgrade to the most recent version of Windows. It is making fixes available for these versions in KB4500705. Here are the links to download for Windows 7, Windows 2008 R2 and Windows 2008.

To discuss security strategy, contact Security Analyst Frank Verdecchia at fverdecchia@apogeeits.com.

Tagged microsoft, MSP, Cyber Security, Patch

11 keys to network security

Clients in the US & Canada

apogee-sidebar-map-2

Learn More