CBI Security Alert

CBI Security Alert: Microsoft Issues Patch to Secure Older Windows Versions from “Wormable” Attacks

CBI Security Alerts are designed to keep you informed of new threats in the cybersecurity landscape, provide actionable insights on how to address these threats, and deliver our expert perspectives on what’s new in security.

Today’s Security Alert highlights the new Microsoft patch that protects older versions of Windows from “wormable” malware attacks.

What Happened?

According to a new article from Krebs on Security, Microsoft has just released a critical security update for a vulnerability that could expose older Windows operating systems to “wormable” threats similar to the 2017 WannaCry ransomware attack.

Microsoft took the unusual step of patching older versions of Windows that are past their support lives after discovering the vulnerability and recognizing that many of the impacted versions, including Windows XP and Windows 2003, are still in wide use.

What Does it Mean for You?

If you are using the “remote desktop services” built into certain older versions of Windows, you could be vulnerable to wormable malware attacks. This includes the following versions:

  • Windows 7
  • Windows Server 2008 R2
  • Windows Server 2008
  • Windows XP
  • Windows 2003

Newer versions of the Windows operating system are NOT affected, including Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows Server 2012.

What Should I Do Next?

CBI recommends you prioritize your patching process based on which systems have the highest risk to your organization due to the probability of the vulnerability being exploited.

Next actions:

Common variables to consider as you go:

  • Asset location – Is the asset exposed to the internet?
  • Impact the asset has on the business
  • Next scheduled patch cycle
  • Other compensating controls that are already in place

Finally, our best-practice recommendation is to follow your change management processes. Always back up your system BEFORE you patch, and use a test bed before you perform an enterprise-wide rollout. Remember, “Risk = Threat x Vulnerability”, so you lower your risk as you lower the threat exposure or the vulnerabilities. Let the risk drive your actions.
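
One way to turn the variables listed above and the “Risk = Threat x Vulnerability” rule into a patch order. This is an added example, not CBI's or Microsoft's own tooling. The inventory rows, the field names and every numeric weight are constructed assumptions to replace with your own.

```python
# Added example: rank hosts for patching with the variables listed in the alert.
# Inventory rows and every numeric weight are constructed assumptions.
from dataclasses import dataclass

AFFECTED = {"Windows 7", "Windows Server 2008 R2", "Windows Server 2008",
            "Windows XP", "Windows 2003"}  # versions the alert lists as affected

@dataclass
class Asset:
    name: str
    os: str
    rds_in_use: bool          # remote desktop services in use
    internet_exposed: bool    # asset location
    business_impact: int      # 1 (low) to 5 (critical)
    days_to_patch_cycle: int  # next scheduled patch cycle
    controls: int             # compensating controls already in place

def vulnerability(a: Asset) -> float:
    if a.os not in AFFECTED:
        return 0.0
    # Affected but service off: still patch, lower weight (assumed 0.2).
    return 1.0 if a.rds_in_use else 0.2

def threat(a: Asset) -> float:
    t = 1.0 if a.internet_exposed else 0.4           # assumed exposure weights
    t *= 0.5 ** a.controls                           # each control halves it
    return t * min(1.0, 0.5 + a.days_to_patch_cycle / 60)  # longer wait, longer window

def risk(a: Asset) -> float:
    return threat(a) * vulnerability(a)              # Risk = Threat x Vulnerability

def patch_order(assets):
    """Hosts needing the patch, highest risk-times-impact first."""
    scored = [(risk(a) * a.business_impact, a.name) for a in assets]
    return [name for score, name in sorted(scored, reverse=True) if score > 0]

INVENTORY = [  # constructed sample data
    Asset("hr-kiosk", "Windows XP", True, False, 2, 30, 0),
    Asset("legacy-erp", "Windows Server 2008 R2", True, True, 5, 20, 0),
    Asset("file-srv", "Windows Server 2008", True, False, 4, 10, 1),
    Asset("build-07", "Windows 7", False, False, 3, 30, 0),
    Asset("desk-114", "Windows 10", True, True, 3, 5, 0),
]

if __name__ == "__main__":
    for name in patch_order(INVENTORY):
        print(name)
```

Hosts on unaffected versions score zero and drop out of the list; affected hosts with remote desktop services turned off stay in it at a lower rank.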