Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

The incredible success of Windows XP has been something of a double-edged sword for Microsoft. On one hand, it dominated the desktop PC space for years with that OS, but it also struggled to move beyond XP. After trying for years to end update support, Microsoft finally retired XP five years ago. And yet, Microsoft just found a bug so severe that it has issued another patch for the aging operating system. The remaining Windows XP users out there might never know it exists, though.

Microsoft has only provided vague details of the vulnerability, saying that it affects the Remote Desktop component of Windows. The Remote Desktop Protocol (RDP) Microsoft uses isn’t vulnerable, but the flaw lies in the underlying implementation of remote desktop functionality. Thus, it’s “pre-authentication” and requires no user interaction. Microsoft says that makes the vulnerability “wormable,” meaning it could spread from one vulnerable computer to the next as the WannaCry malware did in 2017.

The vulnerability affects several Windows products including Windows 7, Windows Server 2008, Windows Server 2003, and Windows XP. Of those, only Server 2003 and XP are completely out of support. Windows 8 and newer are not affected. Systems that currently get updates will have the patch routed through Windows Update. Windows XP and Server 2003 users will need to manually download and install it, which very few of them are likely to do. Microsoft advises XP users to upgrade, but anyone still using XP probably has a reason even if that reason is just extreme laziness.

Not Dead Yet: Microsoft Issues Critical Security Patch for Windows XP

Even though Microsoft has not disclosed the exact flaw, even pointing people to the remote desktop functionality all but ensures that someone will devise an attack in the coming days. Security experts expect to see fully automated attacks based on this vulnerability that could spread any kind of malware imaginable.

Continue reading

New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove
New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove

Intel has released a bit more information about Rocket Lake and its 10nm CPU that's been back-ported to 14nm.

Time to Update: Google Patches 2 Severe Zero-Day Chrome Vulnerabilities
Time to Update: Google Patches 2 Severe Zero-Day Chrome Vulnerabilities

Unlike the last few zero-days, Google didn't find these security holes itself. Instead, it was tipped by anonymous third-parties, and the problems are severe enough that it hasn't released full details. Suffice it to say, you should stop putting off that update.

Early Adopters of Apple M1 Macs Should Be Cautious About Compatibility
Early Adopters of Apple M1 Macs Should Be Cautious About Compatibility

Apple's new MacBooks and Mac mini have made waves, partly thanks to the new silicon inside of them. Apple's new ARM ecosystem, however, is not without its growing pains.

Android 12 Could Include Major App Compatibility Improvements
Android 12 Could Include Major App Compatibility Improvements

Google has attempted to centralize chunks of Android over the years, and a major component called ART is set to get this treatment in Android 12. The result could be vastly improved app compatibility, which is sure to make everyone happy.