CBI Security Alerts are designed to keep you informed of new threats in the cybersecurity landscape, provide actionable insights on how to address these threats, and deliver our expert perspectives on what’s new in security.
Today’s Security Alert highlights the new Microsoft patch that protects older versions of Windows from “wormable” malware attacks.
According to a new article from Krebs on Security, Microsoft has just released a critical security update to patch a vulnerability that could potentially leave older Windows operating systems vulnerable to “wormable” type threats similar to 2017 WannaCry ransomware attack.
Microsoft took the unusual measure to patch older versions of Windows that are past their support lives after discovering the vulnerability and recognizing that many of the versions impacted, including Windows XP and Windows 2003, are still widely in use.
If you are using the “remote desktop services” built into certain older versions of Windows, you could be vulnerable to wormable malware attacks. This includes the following versions:
Newer versions of the Windows operating system are NOT affected, including Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012.
CBI recommends you prioritize your patching process based on which systems have the highest risk to your organization due to the probability of the vulnerability being exploited.
Common variables to consider as you go:
Finally, our best practice recommendations are for you to follow your change management processes. Always backup your system BEFORE you patch, and use a testing bed before you perform an enterprise wide rollout. Remember, “Risk = Threat x Vulnerability” so you can lower your risk as you lower the threat exposure or vulnerabilities. Let the risk drive your actions.