Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

The incredible success of Windows XP has been something of a double-edged sword for Microsoft. On one hand, it dominated the desktop PC space for years with that OS, but it also struggled to move beyond XP. After trying for years to end update support, Microsoft finally retired XP five years ago. And yet, Microsoft just found a bug so severe that it has issued another patch for the aging operating system. The remaining Windows XP users out there might never know it exists, though.

Microsoft has only provided vague details of the vulnerability, saying that it affects the Remote Desktop component of Windows. The Remote Desktop Protocol (RDP) Microsoft uses isn’t vulnerable, but the flaw lies in the underlying implementation of remote desktop functionality. Thus, it’s “pre-authentication” and requires no user interaction. Microsoft says that makes the vulnerability “wormable,” meaning it could spread from one vulnerable computer to the next as the WannaCry malware did in 2017.

The vulnerability affects several Windows products including Windows 7, Windows Server 2008, Windows Server 2003, and Windows XP. Of those, only Server 2003 and XP are completely out of support. Windows 8 and newer are not affected. Systems that currently get updates will have the patch routed through Windows Update. Windows XP and Server 2003 users will need to manually download and install it, which very few of them are likely to do. Microsoft advises XP users to upgrade, but anyone still using XP probably has a reason even if that reason is just extreme laziness.

Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

Even though Microsoft has not disclosed the exact flaw, even pointing people to the remote desktop functionality all but ensures that someone will devise an attack in the coming days. Security experts expect to see fully automated attacks based on this vulnerability that could spread any kind of malware imaginable.

Continue reading

The Best Smart Home Security Systems
The Best Smart Home Security Systems

Once a niche business with a few traditional players and some startups, home security systems are now a major battleground for not just security companies, but several internet giants. We round up highlights of the most popular options for 2020.

Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs

Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.

Security Researcher: ‘solarwinds123’ Password Left Firm Vulnerable in 2019
Security Researcher: ‘solarwinds123’ Password Left Firm Vulnerable in 2019

SolarWinds, the company at the center of the massive hack that hit US government agencies and corporations, doesn't exactly use cutting-edge password techniques.

A File Sharing App With 1 Billion Downloads Has a Major Security Flaw
A File Sharing App With 1 Billion Downloads Has a Major Security Flaw

Trend Micro says SHAREit is a security nightmare that could allow intruders to sneak a peek at your data or even install malware. Perhaps most troublingly, the developers have not responded to Trend Micro's warnings.