Microsoft has issued a critical Windows update to older machines to prevent a vulnerability which could allow attacks.
The computing giant has taken the drastic and unusual step of providing a fix to systems it no longer supports, including Windows XP – its popular operating system released almost 18 years ago. The urgent warning issued by Microsoft is to help prevent a WannaCry-style attack.
Microsoft says the vulnerability affects a part of the Remote Desktop Services feature on some previous versions of Windows, which could allow devastating malware attacks to pass from vulnerable computer to vulnerable computer, as WannaCry did.
NHS hit in 2017
WannaCry notably hit parts of the NHS in May 2017, disrupting 80 trusts across England alone because they were either infected by the ransomware or had turned off their devices or systems as a precaution.
The health service was forced to cancel almost 20,000 hospital appointments and operations as a result, while five A&E departments had to divert patients to other units. This caused widespread disruption and inconvenience – as well as a large financial cost.
Simon Pope, Microsoft’s director of incident response, said it had found “no exploitation” but warned it is “highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware”.
He added: “It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”
Which devices are affected?
The flaw affects devices running Windows XP and Windows 2003, as well as Windows 7, Windows Server 2008 R2, and Windows Server 2008 – which are still currently supported.
Microsoft’s most recent operating systems, Windows 8 and Windows 10, are unaffected.