![](\"https:\/\/media.wired.com\/photos\/5cdc3d8fc6a1822e416ba52e\/master\/pass\/Microsoft-wired-headers2400-B4.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Brian Barrett| Date: Wed, 15 May 2019 16:28:18 +0000<\/strong><\/p>\n This week, Microsoft <\/span>issued patches for 79 flaws across its platforms and products. One of them merits particular attention: a bug so bad that Microsoft released a fix for it on Windows XP<\/a>, an operating system it officially abandoned five years ago.<\/p>\n There\u2019s maybe no better sign of a vulnerability\u2019s severity; the last time Microsoft bothered to make a Windows XP fix publicly available was a little over two years ago, in the months before the WannaCry ransomware attack swept the globe<\/a>. This week\u2019s vulnerability has similarly devastating implications. In fact, Microsoft itself has drawn a direct parallel.<\/p>\n \u201cAny future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,\u201d Simon Pope, director of incident response for the Microsoft Security Response Center, wrote<\/a> in a statement announcing the patch Tuesday. \u201cIt is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.\u201d<\/p>\n Microsoft is understandably withholding specifics about the bug, noting only that it hadn\u2019t seen an attack in action yet, and that the flaw relates to Remote Desktop Services, a feature that lets administrators take control of another computer that\u2019s on the same network.<\/p>\n That small parcel of information, though, still gives potential attackers plenty enough to go on. \u201cEven mention that the area of interest is Remote Desktop Protocol is sufficient to uncover the vulnerability,\u201d says Jean Taggart, senior security researcher at security firm Malwarebytes.<\/p>\n Expect that to happen quickly. \u201cThis will be fully automated in the next 24 to 48 hours and exploited by a worm,\u201d says Pieter Danhieux, CEO of secure coding platform Secure Code Warrior, referring to the class of malware that can propagate across a network without any human interaction, such as clicking the wrong link or opening the wrong attachment. Like the Blob, it just spreads.<\/p>\n Once that worm gives hackers access to those devices, the possibilities are fairly limitless. Danhieux sees ransomware as a likely path; Taggart ticks off spam campaigns, DDoS, and data harvesting as possibilities. \u201cTake your pick,\u201d he adds. \u201cSuffice to say, a lot.\u201d<\/p>\n The saving grace for all of this is that computers running Windows 8 and up aren\u2019t affected. But it\u2019s important not to underestimate the danger that Windows XP computers can still pose. Estimates vary, but analytics company Net Marketshare says that 3.57 percent<\/a> of all desktops and laptops still run Windows XP, which was first released in 2001. Conservatively, that's still tens of millions of devices on Windows XP\u2014more than are running on the most recent version of MacOS. Moreover, you can assume with some confidence that almost none of those computers are ready for what\u2019s coming.<\/p>\n "When you\u2019re dealing with patching, it\u2019s a balancing act."<\/p>\n Richard Ford, Forcepoint<\/p>\n Yes, plenty of Windows XP users are just folks who haven\u2019t dusted off their Dell Dimension tower since the last Bush administration. It seems unlikely that they'll ever get around to installing this latest patch, especially given that you need to seek it out, and download and install<\/a> it yourself. It\u2019s hard enough to get people to update modern systems with their incessant nagging popups; one imagines that those still on Windows XP are in no rush to visit the Microsoft Update Catalog.<\/p>\n