Microsoft is trying to prevent the outbreak of a computer worm by urging those running older Windows systems to patch their machines.
Redmond has discovered a serious flaw in Windows 7, Windows XP, and Windows Server 2003 and 2008 systems, which can be exploited to create malware capable of automatically spreading from one vulnerable machine to another.
"While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware," Microsoft said.
The vulnerability deals with the Remote Desktop Services function in Windows, which can allow a user to take control of the machine over a network. Enterprises often choose to activate the feature on PCs and servers as a way to control them remotely.
Normally, the access requires a correct username and password. However, Microsoft discovered that an "unauthenticated attacker" can install malware on a Windows machine through the Remote Desktop Services function by sending specially crafted data packets.
"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft said in its vulnerability advisory.
The bug also requires no interaction from the owner of the affected Windows machine. So theoretically, an attacker could scan the internet to find additional machines to target. An estimated 3 million Remote Desktop Protocol endpoints are currently exposed to the internet, according to security researcher Kevin Beaumont, who cites data from device search engine Shodan.
Fortunately, Windows 10 and Windows 8 are immune from the threat. The attack also won't work on machines with Remote Desktop Services disabled, according to Microsoft. So the problem is probably less of a threat to consumers than to corporations, which tend to manage large fleets of older Windows machines.
However, the newly discovered vulnerability is so serious that Microsoft is warning it could pave the way for another attack similar to WannaCry, which took over hundreds of thousands of Windows PCs across the world in 2017. As a result, the company has issued patches for Windows Server 2003 and XP, which it no longer supports.
Microsoft is also applying the patches to Windows 7 and Windows Server 2008 systems that have automatic updates switched on.
Editor's Note: This story has been updated with comment from Microsoft about how disabling the Remote Desktop Protocol will prevent the threat.
Bootleg Ariana Grande album spreads malware
Get Our Best Stories!
Sign up for What's New Now to get our top stories delivered to your inbox every morning.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Sign up for other newsletters
