For protection from similar to WannaCry worm Microsoft released updates for old Windows versions

Microsoft highly recommends users of old Microsoft versions (Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2 and Windows Server 2008) update their systems with the use of yesterday released update.

Exploit that use attackers involves vulnerability of the remote code execution (RCE) in Remote Desktop Services.

Seriousness of problem is explained by release of updates for Windows XP and Windows Server 2003, systems that soon have to terminate their living.

«The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017», — explains Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC).

Microsoft specialists could not get exploits at their disposal, though in corporation have no doubts that after release of patches attackers will immediately start reverse engineering and on the base of patches will create own exploits.

“In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows”, — reported Simon Pope.

Technical giant assured that Windows 8 and Windows 10 systems are not sensitive to this security issue. However, millions Windows 7 lovers will have to patch their systems.

Read also: Microsoft acknowledged that policy of password aging is ineffective

Source: https://blogs.technet.microsoft.com