Microsoft_building
  • Users of older and unsupported Windows versions are in danger, but Microsoft won’t leave them to their fate.
  • A new worm-type vulnerability resembles the way WannaCry works so it could take over thousands or even millions of systems.
  • There is still a significant number of people who use Windows 7 and Windows XP.

Microsoft is rolling out updates for their unsupported Windows 7 and Windows XP, as well as Windows Server 2008, Windows 2008 Server R2, and Windows Server 2003 operating systems. The reason why they have decided to go out of their usual way of not caring about these products is actually a dual one. First, the now-plugged vulnerability concerns a grave menace, and secondly, people are still using these old and unsupported operating systems.

The discovered vulnerability is very similar to the WannaCry ransomware that terrorized the IT world back in 2017, and there is no user interaction required for the infection to take place, as well as to propagate to more computers and networks. Microsoft engineers were the first to discover the problem, and they claim that they have observed no exploitation incidents yet. However, with this revelation, hackers and malware authors are bound to add the new functionality and take advantage of the information to exploit unpatched systems that wonder naively out there. The particular vulnerability was given the identifier “CVE-2019-0708”, and is described as a “remote desktop services remote code execution vulnerability”. According to the details, an attacker could exploit this flaw to install programs, view, change, or delete data, and to create new accounts with full user rights.

Users of the OS versions mentioned above will automatically receive the fixing patches if they have enabled auto-updates. If not, they should visit those two (1, 2) security update links and manually download and install the packages on their system. The two products that are unaffected by the particular vulnerability are Windows 10 and Windows 8, so users of these systems need to do nothing. That said, the RCE problem can spread across networks and systems that still deploy old operating systems, but how many are those precisely?

According to W3Schools OS stat counter, Windows XP accounts for only 0.2% of the current market share, and Windows 7 for a significant 16.3%. The NetMarketShare.com gives 2.4% to Windows XP, and a hefty 36.4% to Windows 7. No matter what the accurate number is in reality, the takeaway is that there’s still a lot of devices that run on those unsupported operating systems, and despite Microsoft’s best efforts to convince its users to move on, people insist on staying put. This compels the company to provide at least some limited form of support when a severe flaw is found, and this worm that could bring chaos to millions of computers out there is one of those exception-cases.

Are you still one of those Windows 7, 2008, 2003, and XP users? Let us know why you’re still using these versions in the comments down below, and help us spread the word of warning by sharing this post through our socials, on Facebook and Twitter.