Sunday, 21 July 2019
Latest news
Main » Microsoft Releases Patches for a Critical Windows Flaw Allowing WannaCry-Style Attacks

Microsoft Releases Patches for a Critical Windows Flaw Allowing WannaCry-Style Attacks

15 May 2019

Microsoft has discovered a vulnerability in earlier versions of Windows that is similar in nature to the WannaCry ransomware attack.

The vulnerability is "wormable", according to Microsoft, which means that no user interaction is required for their system to be exploited, and affected systems are capable of propagating the virus to other at-risk computers and networks around the world.

Microsoft says it has not yet observed any exploitation of the vulnerability.

But, it does affect Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 and 2008 R2.

Microsoft has posted patches for the two latter versions of Windows but strongly suggests users upgrade to newer variants of the operating system.

Microsoft has warned of a serious security vulnerability in its older, theoretically-unsupported Windows operating systems, releasing patches which need to be applied manually for those systems no longer receiving automated updates.

The latter, CVE-2019-0725, is a particularly nasty memory corruption vulnerability, since all that is needed to exploit it is a well-crafted packet sent to a DHCP server and affects all now supported versions of Windows, client and server.

This time past year stats put Windows 7, which was first released back in 2009, ahead of the newer Windows 10 OS. "It is critically important for organizations and system administrators to apply patches as soon as possible to reduce their risk of compromise". With NLA enabled, systems are protected against "wormable" malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered.

Among the patches is a fix for a zero-day vulnerability in the Windows Error Reporting Service.

This is a flaw in Remote Desktop Services (RDS) which could allow an attacker to remotely execute arbitrary code on a target system after connecting using RDP. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Security researchers have shown it is possible to exploit MDS vulnerabilities with attacks such as rogue in-flight data load (RIDL) and Fallout to glean secrets and sensitive information such as password and digital keys on recent Intel processors.

Microsoft had already released a patch for the flaw, but many older and vulnerable OSes were never updated. That vulnerability affects both Mac and Windows systems.

Microsoft Releases Patches for a Critical Windows Flaw Allowing WannaCry-Style Attacks