Microsoft has discovered a remote code execution vulnerability (RSA from Remote -- Execution) at services remote desktop (Remote Desktop Services) in older versions of Windows and an emergency update has been released.
The vulnerability is identified by CVE-2019-0708, and occurs at the pre-certification stage. So according to Microsoft you do not even need user interaction.
More worryingly though, the exploid could be released in worm form, meaning it could spread from a device in another, as malware WannaCry.
The affected versions of Windows are the operating ones Windows XP, Windows Server 2003, Windows 7 and Windows Server 2008. Windows 8 and Windows 10 are not at risk.
Supported versions of Windows, such as Windows 7, will automatically receive the update from Windows Update, while for non-supported operating systems, such as Windows XP, updates will have to be installed manually by Microsoft Update Catalog.
Microsoft states that so far it does not know if any exploit will be released but it is very likely we will see it in the near future.
So if you use older systems, update your computers immediately!
__________________________________________
- Adobe Fixes 87 Vulnerabilities! Update immediately
- Plead malware attacks on ASUS Webstorage software