Published: Wed, May 15, 2019
IT | By Lester Massey

Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003

The patch came as part of Microsoft's monthly Patch Tuesday, which in May addressed 22 critical vulnerabilities.

ZombieLoad is known as a Microarchitectural Data Sampling (MDS) vulnerability, and it shares some characteristics with Spectre and Meltdown, the two side-channel attacks announced in January 2018.

CVE-2019-0708 does not affect Microsoft's latest operating systems - Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012.

"An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries." However, the company did provide fixes in KB4500705, which users will have to apply manually. The patch probably won't affect performance on consumer systems, said the advisory.

While Microsoft says in its guidance that customers might need to disable HyperThreading on processors, Intel recommends against doing so and says it does not fully mitigate MDS attacks. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if an attacker somehow has valid credentials. These include CVE-2019-0725, a vulnerability in Windows Server's DHCP server.


The vulnerability, CVE-2019-0708, lies within Remote Desktop Services (formerly Terminal Services), the company said. Attackers can exploit it by sending a specially crafted request to the target system's Remote Desktop Service via Remote Desktop Protocol (RDP).

A newly discovered vulnerability in the commonly used Remote Desktop Services (RDS), which can be abused to create worms or self-spreading malware, has prompted Microsoft to create security patches for the obsolete Windows XP and Server 2003 operating systems.

The release includes security updates for Microsoft Edge, Windows Scripting, Windows applications platform and Frameworks, Windows graphics, Windows Media, Windows wireless networks, and the Windows kernel.

Elsewhere, IT admins should also fix a zero-day flaw (CVE-2019-0863), which is being exploited in the wild and has also been publicly disclosed, meaning other hackers could use it in their own attacks. The vulnerability allows remote code execution with no user involvement or authentication required, making it a gift to scum looking to spread malware.

Windows 10 is the most popular OS in the world right now, after overtaking ageing Microsoft software Windows 7.