ICYMI: Windows XP Gets a Rare Update Thanks to WannaCry-Like “Wormable” Vulnerability
Windows XP stopped receiving support from its maker about five years ago. Since then, Microsoft has rarely delivered a patch to this once-ruling operating system. Things changed this week, however, as the Windows maker released a patch for a critical Remote Code Execution vulnerability in Remote Desktop Services (formerly Terminal Services). The company is recommending that Windows XP users download and install this patch to protect themselves against a damaging security flaw.
Microsoft is withholding specific details of the issue to avoid hackers exploiting it, but that won't save you for long. According to the company, this is a WannaCry-like situation; that malware managed to propagate across the world, affecting both individuals and businesses.
Flaw affects Windows XP, Windows 2003, Windows 7, and Windows Server 2008
“Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” Simon Pope, director of incident response for the Microsoft Security Response Center, said.
“It is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
This security flaw affects Windows XP, Windows 7, Windows 2003, and Windows Server 2008. Of these, Windows 2003 and Windows XP are out of support, which means users will have to manually download and install the update (KB4500705).
For Windows 7 and Windows Server 2008, updates will be installed automatically if you have automatic updates enabled. Downloads are available here for manual installation.
Pope said that Windows 8 and Windows 10 are not affected by this security flaw and added that "it is no coincidence that later versions of Windows are unaffected."
"Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows."
Windows XP, released in 2001, still holds 3.57 percent of the market, which amounts to millions of devices. Installing this patch is especially important for organizations, because many businesses, hospitals, and government departments still run Windows XP on at least some of their machines, as was seen during 2017's WannaCry plague.
It is unlikely that everyone running Windows XP on older machines will upgrade to Windows 10, but downloading these latest patches should be a priority if you don't want to get stuck in a WannaCry-like situation. It would be more prudent to ditch Windows XP altogether, because from here on XP's associated security disasters will outweigh the convenience of using an older, once-trusted operating system.