Microsoft recently released a critical update (KB4500331) to patch a remote code execution vulnerability in Windows XP. It’s been years since Microsoft ended official support for the operating system.
The fact that the company released this patch shows just how severe this vulnerability was. You can imagine the nature of the bug that forced Microsoft to release a critical security patch for Windows XP and Windows Server 2003 after 5 years.
The tech giant released the update for devices running Windows XP, Windows 7, Windows Server 2003, and Windows Server 2008 to fix a “wormable” vulnerability.
However, there is an issue associated with this update, as it is not available via Windows Update. Windows XP users need to manually install the patch from Microsoft’s website.
You can simply visit Microsoft’s Update Catalog to download KB4500331 for Windows Server 2003 or Windows XP.
However, the patch is available to Windows Server 2008 and Windows 7 users via Windows Update. Moreover, Microsoft confirmed that Windows 8 and Windows 10 users remain safe from the bug.
No threats so far
Although Microsoft has not seen any serious security threats, the company is taking all necessary measures to prevent hackers from exploiting this secyrity vulnerability.
If exploited, this security problem can lead to another WannaCry-style malware attack. The Redmond giant says that devices that have network level authentication are safe from these threats at least to some extent.
We’re sure no one forgot the horrible WannaCry outbreak and its impact on users around the world. That is why the company didn’t want to take any risks and fall into the trap once again.
The attackers know that most Windows users (both individual and enterprise users) avoid Windows updates or at least postpone installing them. The update process can sometimes turn into a mess specifically for large organizations.
Attackers can potentially take advantage of similar situations to inject malware that can spread from one PC to another. Microsoft warns its users by stating that:
However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker has valid credentials that can be used to successfully authenticate.
The company recommends Windows XP users to install the latest updates to block any potential attacks. Or better yet, to upgrade to the latest Windows 10 OS version.
RELATED ARTICLES YOU NEED TO CHECK OUT: