Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003
As part of this month’s patch Tuesday, Microsoft released a critical patch for CVE-2019-0708, a “wormable” vulnerability affecting Windows 7, Windows Server 2008 R2, and Windows Server 2008 and various older operating systems. Due to the extraordinary severity of the flaw, Microsoft also released versions of the patch for otherwise unsupported operating systems including Windows XP and Windows 2003.
The company stated that although it is not aware of any real-world attempts to exploit the flaw, it issued a patch for all affected operating systems in order to prevent a global cyberattack similar to WannaCry. Simon Pope of the Microsoft Security Response Center explained that “the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”