Skip to main content
  1. Home
  2. Computing
  3. News

Older versions of Windows have critical vulnerability, should be updated ASAP

By
Image used with permission by copyright holder

If you’re running an older version of Windows, it’s vital to update it as soon as possible. Microsoft has warned about a critical security issue called BlueKeep which makes older Windows machines vulnerable to malware.

The vulnerability is technically known as CVE-2019-0708, and is found in Remote Desktop Services. It is a particular concern because the vulnerability is “wormable,” meaning that if a computer is infected through this vulnerability, it can pass on the malware to other computers. This is what allowed the WannaCry malware to spread so quickly and so far in 2017.

Recommended Videos

The vulnerable systems include those running Windows 7, Windows Server 2008 R2, and Windows Server 2008. If, for some unknown reason, you are running an even older version of Windows, like Windows 2003 or Windows XP, then your system is vulnerable too. (And now is a good time to remind you that you really ought to update to Windows 10.)

If you are running Windows 8 or Windows 10 then you needn’t worry, as the vulnerability won’t affect you.

If you’re wondering how many people are still running these old versions of Windows, you’d be surprised. Microsoft shared a recent report which estimates that nearly one million internet-connected computers are vulnerable, and there could be many more vulnerable computers on corporate networks as well.

“It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread, infecting computers across the enterprise,” Simon Pope, Director of Incident Response at Microsoft Security Response Center wrote in a blog post. “This scenario could be even worse for those who have not kept their internal systems updated with the latest fixes, as any future malware may also attempt further exploitation of vulnerabilities that have already been fixed.”

The fix for the vulnerability was released on May 14, so users may not have updated yet. And although Microsoft says they have not yet detected a worm making use of this vulnerability, there is still a considerable risk that one could appear.

To further encourage users to update, Microsoft pointed out that two months passed between the release of a fix for the EternalBlue vulnerability and the time at which WannaCry and other ransomware attacks using it began. That attack caused chaos around the world, so it’s a good reminder of the importance of regularly updating your OS.

Editors' Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Update your Windows PC now to fix this critical PrintNightmare security flaw
Person sitting and holding Dell XPS 13 laptop on their lap.

You might have heard the news about "PrintNightmare," a vulnerability in the Windows Print Spool service that could leave hackers in control of your PC under certain conditions. After raising concern about it, Microsoft has officially issued a patch that resolves the issue and the company urges all Windows users to install it as soon as possible.

Though unrelated, Microsoft is also aware of a separate issue raised on July 16 relating to the spooler service that is yet to be patched and is working on a separate fix, coming later. This involves local (physical) access to a PC and potentially allowing hackers to install programs and view, change, or delete data via the spooler service.

Read more
Windows has a print vulnerability that hackers are actively using
Brother's L8360 is a great color laser printer for small offices.

Microsoft has updated its documentation around the "PrintNightmare" vulnerability that is impacting Windows PCs across the world. The company now says it is aware of the issue, which officially involves cases where the Windows Print Spooler service may perform privileged file operations and allow hackers into your device.

Though it's not clear if all versions of Windows are impacted by this vulnerability, Microsoft says that the print spooler code that has the vulnerability is in all versions of Windows. The print spooler is what usually handles print jobs in Windows. Specifically, hackers can exploit that code to run arbitrary code with system privileges.

Read more
The next version of Windows 10 might have Parallax 3D effects on the lock screen
windows 10 getting parallax 3d lock screen

Microsoft could be working to bring a new feel to the Windows lock screen in the next version of Windows 10. In the first major change to the lock screen since Windows 8, it is rumored to be getting support for "Parallax" 3D effects, according to a report from Windows Latest.

What this means is that the Windows lock screen could have a similar "Perspective Zoom" movement that Apple has implemented on the home screen and lock screen in iOS and iPadOS. This is where, as you rotate your device, the lock screen will respond to your movements with tilt or pan effects. The feature could be powered by accelerometers already found on board tablets like Microsoft's Surface Pro, or other 2-in-1s like the HP Spectre x360.

Read more