Microsoft Fixes a New Security Flaw in Windows XP

Posted on May 14, 2019 by Paul Thurrott in Windows with 14 Comments

In an unusual move, Microsoft today issued a security patch for Windows XP, which hasn’t been officially supported since 2014.

“Today Microsoft released fixes for a critical Remote Code Execution vulnerability in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows,” a Microsoft support document notes. “The Remote Desktop Protocol (RDP) itself is not vulnerable … [Instead,] the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”

Vulnerable systems include Windows XP and Windows Server 2003, neither of which is supported by Microsoft, as well as Windows 7, Windows Server 2008, and Windows Server 2008 R2.

“Customers running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected,” the support note trumpets in a bit of marketing. “Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows.”

While releasing an update for Windows XP is unusual, it’s not unprecedented. Microsoft infamously and secretly fixed a serious flaw in the platform past its support end date when WannaCry took down the National Health Service in the UK in 2017. (I was told by a person familiar with the matter that Microsoft had little choice in the matter, despite its desire to never update XP again.)

If you are running Windows XP for some reason, you can get the patch for this newest flaw from the Microsoft Support website.

Tagged with

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (14)

14 responses to “Microsoft Fixes a New Security Flaw in Windows XP”

  1. madthinus

    I have a lot of respect for Microsoft for doing this update. The mention of wormable reminds me of Blaster and how terrible it was to be infected without the need to do something. It just happened, because Firewalls was not mainstream and not standard in Windows. Windows XP is still operating machinery, we have one in our factory, so a wormable exploit is not good, especially where it targets essential equipment.

  2. hrlngrv

    Still a lot of ATMs, medical equipment and maybe airport terminal arrival/departure screens running XP, are there?

    OK, I still have XP on a VM, so I'll need to take care of this, then disable networking.

  3. dxtremebob

    I wonder if this is an issue if one is running Windows XP in Hyper-V on Windows 10.

  4. skane2600

    Good to see Microsoft acting responsibly. The cost to Microsoft to support security updates in old versions is most likely negligible but the value to users can be significant. Not to mention the advantages of good customer relations.

  5. Brazbit

    The majority of systems that still run XP these days are likely embedded in or controlling key industrial equipment or ATMs. It represents the easiest attack vector on gaining control over or access to large numbers of lasers, surveillance systems, financial institutions, and robots. If SkyNet or a mad scientist bent on world domination are to rise in reality we will have XP to thank for it. /tinfoil :)

  6. dontbe evil

    THIS is OS support ... not apple or google ones

  7. Todd Logsdon

    I bet you can think whichever large corporation is still paying money to MS to keep security updates to the OS going... in 2017 is was the UK NHS, not sure who it still is now though.

  8. cheetahdriver

    I have a ton of customers still using XP in dedicated equipment controls, and my advice is always the same. If they aren't on a dedicated airgapped network you need to airgap the system. Otherwise replace. There is no (IMHO) problem running XP on a machine if it's properly set up and airgapped. If you have it facing the internet, you get what you deserve (which is some hacker going and getting his 6yr old to show him how easy it was "in the old days").


    But kudos to Microsoft.

Leave a Reply