Critical Windows bug could make worm meat of millions of high-value machines
Microsoft has plugged a critical hole in all supported versions of Windows that allows attackers to hit high-value computers with self-replicating attacks that install malicious code with no user interaction required.
The vulnerability in the Remote Desktop Protocol is of particular concern to system administrators in government and corporate settings because they often use the feature to remotely trouble-shoot e-mail servers, point-of-sale terminals and other machines when they experience problems. RDP is also the default way to manage Windows machines that connect to Amazon’s EC2 and other cloud services. That means potentially millions of endpoints are at risk of being hit by a powerful computer worm that spreads exponentially, similarly to the way exploits known as Nimda and Code Red did in 2001.
Well here’s one that isn’t out yet in the wild. Microsoft predicts that within 30 days the code will be written for malware. If you are running a server get patched quickly. If for some reason you can’t update right away, then turn on Network Level Authentication so that certificates are required to log in.
The security patch came out last Tuesday.
There will be a bunch of people that don’t get the word and don’t update, no matter how it is put out. So it’s a sure bet the malware code will be written and some will be compromised. Make sure you’re not one of them.
Leave a Reply