Microsoft Fixes a New Security Flaw in Windows XP

In an unusual move, Microsoft today issued a security patch for Windows XP, which hasn’t been officially supported since 2014.

“Today Microsoft released fixes for a critical Remote Code Execution vulnerability in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows,” a Microsoft support document notes. “The Remote Desktop Protocol (RDP) itself is not vulnerable … [Instead,] the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”


Vulnerable systems include Windows XP and Windows Server 2003, neither of which is supported by Microsoft, as well as Windows 7, Windows Server 2008, and Windows Server 2008 R2.

“Customers running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected,” the support note trumpets in a bit of marketing. “Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows.”

While releasing an update for Windows XP is unusual, it’s not unprecedented. Microsoft infamously and secretly fixed a serious flaw in the platform past its support end date when WannaCry took down the National Health Service in the UK in 2017. (I was told by a person familiar with the matter that Microsoft had little choice in the matter, despite its desire to never update XP again.)

If you are running Windows XP for some reason, you can get the patch for this newest flaw from the Microsoft Support website.


Conversation 14 comments

  • madthinus

    Premium Member
    14 May, 2019 - 5:41 pm

    I have a lot of respect for Microsoft for doing this update. The mention of wormable reminds me of Blaster and how terrible it was to be infected without the need to do something. It just happened, because firewalls were not mainstream and not standard in Windows. Windows XP is still operating machinery, we have one in our factory, so a wormable exploit is not good, especially where it targets essential equipment.

  • hrlngrv

    Premium Member
    14 May, 2019 - 6:10 pm

    Still a lot of ATMs, medical equipment and maybe airport terminal arrival/departure screens running XP, are there?

    OK, I still have XP on a VM, so I'll need to take care of this, then disable networking.

    • dontbe evil

      15 May, 2019 - 1:46 am

      In reply to hrlngrv:
      yup, they should know how long the support lasts for and they should update them

  • dxtremebob

    Premium Member
    14 May, 2019 - 6:12 pm

    I wonder if this is an issue if one is running Windows XP in Hyper-V on Windows 10.

    • VMax

      Premium Member
      15 May, 2019 - 1:42 am

      In reply to DXtremeBob:
      If that Windows XP install is reachable by an attacker (or potentially infected system) then yes, otherwise, no. There's nothing about it running on a Windows 10 host that protects you other than whatever network translation, firewalling etc. you may have configured.

      • dxtremebob

        Premium Member
        15 May, 2019 - 6:44 pm

        In reply to VMax:
        Thanks!

    • wright_is

      Premium Member
      15 May, 2019 - 2:16 am

      In reply to DXtremeBob:
      If it has a network connection to the host, to other VMs or to the wider network, yes.

      • dxtremebob

        Premium Member
        15 May, 2019 - 6:44 pm

        In reply to wright_is:
        Thanks!

  • skane2600

    14 May, 2019 - 6:15 pm

    Good to see Microsoft acting responsibly. The cost to Microsoft to support security updates in old versions is most likely negligible but the value to users can be significant. Not to mention the advantages of good customer relations.

  • Brazbit

    14 May, 2019 - 7:12 pm

    The majority of systems that still run XP these days are likely embedded in or controlling key industrial equipment or ATMs. It represents the easiest attack vector on gaining control over or access to large numbers of lasers, surveillance systems, financial institutions, and robots. If SkyNet or a mad scientist bent on world domination are to rise in reality we will have XP to thank for it. /tinfoil :)

    • dontbe evil

      15 May, 2019 - 1:46 am

      In reply to Brazbit:
      yup, they should know how long the support lasts for and they should update them

  • dontbe evil

    15 May, 2019 - 1:45 am

    THIS is OS support … not apple or google ones

  • Todd Logsdon

    15 May, 2019 - 8:19 am

    I bet you can think whichever large corporation is still paying money to MS to keep security updates to the OS going… in 2017 it was the UK NHS, not sure who it still is now though.

  • cheetahdriver

    Premium Member
    16 May, 2019 - 10:56 am

    I have a ton of customers still using XP in dedicated equipment controls, and my advice is always the same. If they aren't on a dedicated airgapped network you need to airgap the system. Otherwise replace. There is no (IMHO) problem running XP on a machine if it's properly set up and airgapped. If you have it facing the internet, you get what you deserve (which is some hacker going and getting his 6yr old to show him how easy it was "in the old days").

    But kudos to Microsoft.


Thurrott © 2024 Thurrott LLC