Microsoft recently issued a security patch for discontinued operating systems including Windows XP and Server 2003. The company took the unusual action of issuing patches for operating systems that it no longer supports because a newly discovered vulnerability could create a situation as devastating as the WannaCry ransomware attacks of 2017.
Microsoft released a patch for the so-called "BlueKeep" vulnerability weeks ago, but a large number of systems have not yet been updated.
Microsoft says it is confident that cybercriminals have already developed exploits to take advantage of the BlueKeep flaw. Security researchers claim that developing exploits for BlueKeep is easy. Cybercriminals can use a specially crafted Remote Desktop Protocol (RDP) request to run arbitrary code on a vulnerable computer. They can then install malware or ransomware or steal sensitive information.
Millions of computers still run Windows XP. Many of these systems "are part of critical infrastructure and enterprise environments where newer operating systems won't work," and all of them are vulnerable to BlueKeep if left unpatched.
According to Microsoft, the BlueKeep vulnerability is "wormable," which means that it can spread from one system to another. The Remote Desktop component in older versions of Windows is the source of the flaw. Windows 8 and 10 are safe from BlueKeep. Ryan Whitwam, "A Million PCs May Be Vulnerable to BlueKeep Malware, Microsoft Urges Users to Patch," extremetech.com (May 31, 2019).
Security experts estimate that one million internet-connected computers remain vulnerable to BlueKeep.
Worms are a problem because they can quickly spread to every vulnerable computer they can reach. Such a large-scale attack could completely disable your operations, so prevention is important. Use up-to-date systems and patch known vulnerabilities.
Newer systems may update automatically, but older systems generally require manual updating, as is the case for the patch to fix BlueKeep. Often, organizations leave some network-connected computers running on autopilot. If that is the case in your organization, IT must routinely and frequently search for and install new patches for these machines.