CBI Security Alert: Microsoft Issues Patch to Secure Older Windows Versions from Wormable Attacks

[social_warfare]

July 2, 2019

Posted on May 15, 2019

CBI Security Alerts are designed to keep you informed of new threats in the cybersecurity landscape, provide actionable insights on how to address these threats, and deliver our expert perspectives on what’s new in security.

Today’s Security Alert highlights the new Microsoft patch that protects older versions of Windows from “wormable” malware attacks.

What Happened?

According to a new article from Krebs on Security, Microsoft has just released a critical security update to patch a vulnerability that could potentially leave older Windows operating systems vulnerable to “wormable” type threats similar to 2017 WannaCry ransomware attack.

Microsoft took the unusual measure to patch older versions of Windows that are past their support lives after discovering the vulnerability and recognizing that many of the versions impacted, including Windows XP and Windows 2003, are still widely in use.

Security Alert

What Does It Mean For You?

If you are using the “remote desktop services” built into certain older versions of Windows, you could be vulnerable to wormable malware attacks. This includes the following versions:

Windows 7
Windows Server 2008 R2
Windows Server 2008
Windows XP
Windows 2003

Newer versions of the Windows operating system are NOT affected, including Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012.

What Should I Do Next?

CBI recommends you prioritize your patching process based on which systems have the highest risk to your organization due to the probability of the vulnerability being exploited.

Next actions:

First, follow Microsoft’s instructions to determine which version of Windows you’re using.
- Link: https://support.microsoft.com/en-us/help/13443/windows-which-version-am-i-running
Prevention measures like this kind of patch should take place sooner rather than later based on your organization’s risk appetite. Follow this link to deploy and update the Microsoft patch if you are on one of the versions of Windows determined to be at risk.
- Link: https://support.microsoft.com/en-us/help/4500705
And of course, contact CBI for more help by calling 800-747-8585, emailing help@cbisecure.com or filling out our contact form.
- Link: https://cbisecure.com/contact-us

Common variables to consider as you go:

Asset location – Is the asset exposed to the internet?
Impact the asset has to the business
Next scheduled patch cycle
Other compensating controls that are already in place

Finally, our best practice recommendations are for you to follow your change management processes. Always backup your system BEFORE you patch, and use a testing bed before you perform an enterprise wide rollout. Remember, “Risk = Threat x Vulnerability” so you can lower your risk as you lower the threat exposure or vulnerabilities. Let the risk drive your actions.

About the Author

CBI Cybersecurity

CBI, A Converge Company, is a leading cybersecurity advisor to many of the world’s top tier organizations. Founded in 1991, CBI provides innovate, flexible and customizable solutions that help ensure data is secure, compliant and available. We engage in an advisory-led approach to safeguard our clients against the ever-changing threat landscape—giving them comprehensive visibility into their entire security program and helping them avoid cyber challenges before they can impact their data, business and brand. We are dedicated to the relentless pursuit of mitigating risks and elevating corporate security for a multitude of industries and companies of all sizes.