Microsoft are warning all those with devices still running older versions of Windows to apply an urgent Windows update or else face the prospect of being a victim of a Cyber Attack, and as such they are releasing urgent Microsoft security updates to address these critical vulnerabilities.

Microsoft have identified a critical security flaw in the Remote Desktop Services protocol which affects the Windows XP, Windows 7, Windows Server 2003, and Server 2008 operating systems.

As you may already know, the Windows XP and Windows Server 2003 operating systems are actually no longer supported or patched by Microsoft except in the case of very critical and potentially damaging flaws being discovered. If your business is still using workstations running the Windows XP operating system, or servers running the Windows 2008 server operation system, you are at risk and should seek assistance from an IT professional to upgrade immediately.

“This vulnerability is pre-authentication and requires no user interaction,” explains Simon Pope, director of incident response at Microsoft’s Security Response Center. “In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.”

Microsoft have noted that there have not yet been reported attacks based on this newly discovered vulnerability, and they strongly advice that the urgent security update of CVE-2019-0708 patch be installed ASAP.

If you are unsure of your update schedule for your Windows Servers or desktops, we highly recommend you review this with your IT partner ASAP.

If you are currently running an older version of the Microsoft Windows or Microsoft Windows Server operating systems, and you are unsure if you are protected contact us at support@m1it.com.au or by calling us on 1300 331 041 today.