Η Microsoft discovered a remote code execution (RSA from Remote Code Execution) vulnerability in Remote Desktop Services in earlier versions of Windows and released an emergency update.
The vulnerability is identified by CVE-2019-0708, and occurs at the pre-certification stage. So according to Microsoft you do not even need user interaction.
More worryingly though, the exploid could be released in the form of a worm, which means it could spread from one device to another, like malicious software WannaCry.
Affected versions of Windows are Windows XP operating systems, Windows Server 2003, Windows 7 and Windows Server 2008. Windows 8 and Windows 10 are not at risk.
Οι υποστηριζόμενες εκδόσεις των Windows, όπως τα Windows 7, θα λάβουν αυτόματα την ενημερωμένη έκδοση από το Windows Update, while for unsupported operating systems such as Windows XP, updates will have to be installed manually from Microsoft Update Catalog.
Microsoft states that so far it does not know if any exploit will be released but it is very likely we will see it in the near future.
So if you use older systems, update your computers immediately!
__________________________________________
- Adobe Fixes 87 Vulnerabilities! Update immediately
- Plead malware attacks on ASUS Webstorage software