Microsoft released fixes Tuesday for a “wormable” remote code execution flaw reminiscent of the vulnerability that allowed WannaCry ransomware to propagate to computers around the globe in 2017. The Remote Desktop Services vulnerability, which Microsoft has rated as critical, could allow hackers to install programs, and view, change, or delete data. It requires no user interaction to work, meaning users don’t have to click on anything, such as a link, document, or message box, and attackers don’t need to run social engineering projects to dupe users. Microsoft took the unusual step of launching security updates for all users, including unsupported operating systems like XP and Windows 2003, due to the risk that the flaw can lead to self-propagating attacks. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the […]
The post Microsoft patches critical vulnerability comparable to WannaCry appeared first on CyberScoop.
Continue reading Microsoft patches critical vulnerability comparable to WannaCry→