Microsoft is trying to head off another WannaCry-style malware outbreak before it starts. The software giant has released fixes for a Remote Desktop Services (aka Terminal Services) vulnerability that could allow “wormable” malware that spreads from computer to computer without requiring any user input. The vulnerability affects Windows 7, Windows Server 2008 R2 and older releases. Not surprisingly, Microsoft isn’t taking any chances. While it’s no longer officially supporting Windows XP and Windows Server 2003, it’s patching both platforms to prevent ancient PCs (like those used in some business and government scenarios) from falling prey to attacks.
The company stressed that it had seen “no exploitation” ahead of the patch, but thought it was “highly likely” that malware writers would use the security hole. Some systems that have Network Level Authentication enabled have a partial defense, since they require credentials before the flaw is usable.
There’s no doubt as to why Microsoft is doing this. WannaCry had a devastating impact on PCs worldwide, including the UK’s health care system, and Microsoft doesn’t want to risk contributing to the issue by leaving systems unpatched. There’s no guarantee that this will avert a crisis, though. Malware like WannaCry tends to spread precisely because companies and institutions are reluctant to update their systems and risk breaking important software. The patches will only be effective if Microsoft can convince customers that the fixes are too important to ignore.