Microsoft Finds Major Bug in Older Windows, Releases Emergency Windows XP Update
Microsoft discovered a Remote Code Execution vulnerability in Remote Desktop Services in older versions of Windows, and the company shipped an emergency update to resolve it.
Documented in CVE-2019-0708, the vulnerability happens in the pre-authentication stage, and Microsoft says user interaction isn’t even required.
What’s more worrying, however, is that a potential exploit is wormable, which means that it can spread from one device to another, much like WannaCry malware.
The affected Windows versions are Windows XP, Windows Server 2003, Windows 7, and Windows Server 2008. Both Windows 8 and Windows 10 are protected.
Supported versions of Windows, like Windows 7, get this update automatically from Windows Update, while those on retired releases, as it’s the case of Windows XP, need to install the patch manually from the <a href="https://www.catalog.update.microsoft.co… (read more)