Update Windows: Microsoft warns wormable Windows bug could lead to another WannaCry

Run Windows update ASAP if you can!

“Microsoft is warning that the Internet could see another exploit with the magnitude of the WannaCry attack that shut down computers all over the world two years ago unless people patch a high-severity vulnerability. The software maker took the unusual step of backporting the just-released patch for Windows 2003 and XP, which haven’t been supported in four and five years, respectively.”

1 Like

More like update to a modern, supported OS. Let’s not spread fear and paranoia. Yes, update if you’re on a Windows that’s not 10 or 8.

Per the article referenced:

“Customers running Windows 8 and Windows 10 are not affected by this vulnerability, and it is no coincidence that later versions of Windows are unaffected,” Pope wrote.

Updating to Windows 10 is free and easy. For any wondering, download the Media Creation Tool, choose the USB option and then you can upgrade or format to Windows 10. Make backups first if you are concerned about losing data.

1 Like

@Tarun

I agree, and I think Windows 10 is worth upgrading to. Laptop Magazine has an article from 2019 that says you can still get the free Windows 10 upgrade if you follow their instructions.

1 Like

It’s very easy to upgrade to Windows 10, whether it’s from 7 or 8, or an older version of 10 (1709 for example), and in all the times I’ve done the upgrade I’ve never seen data loss.

You only really need the key for Windows 7 and activation, because with Windows 8 and 10 the keys are tied to the hardware.

I’ve read that Windows 7 will get the offer (perhaps by something like GWX) again before their support reaches EOL.

1 Like

The 3388 and 3389 ports vulnerability has been around for as long as I can remember, back to Windows 95 as a concern for mainstream users. In the enterprise, they’ve always been on the security to-do list.

How many know what Remote Desktop is or even know it exists? (That’s rhetorical.) And it doesn’t exist in Windows 7 Home. I can’t recall how it’s implemented in all the vast and sundry versions of 8 and 10.

A common practice for the port 3388/3389 thing has been to find Remote Desktop Configuration and Remote Desktop Services in services.msc and set them to Disabled if not already in that state.

While you’re at it, right click on Computer, select Properties, click on Remote Settings and uncheck “Allow Remote Assistance…” if not already in that state.

Those running with and savvy with Windows Firewall can create rules to block ports 3388 & 3389, too.

Unless I’m mistaken, properly configured, GlassWire should alert with a first network connection if an outbound session is initiated.

Which is not to say you shouldn’t run Windows Update. The current fix will be OK until the next 3388/3389 hack is whipped up.

Anyhow, as the Ars Technica article reports, “Much of the attack traffic we see against RDP appears to be directed specifically at point-of-sale systems…” These will be fixed once the retailers happen to note all the customers lined up at the cash registers.

1 Like
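The checks described in the last post (the two services, the Remote Assistance box and the 3388/3389 ports), gathered into one read-only audit. This is an added example, not part of the thread; it assumes Windows PowerShell 2.0 to 5.1, an elevated prompt and English `netstat` output, and the helper names `Get-RegValue` and `New-Finding` are made up for the example.

```powershell
# Added example: read-only audit of the settings named in the post. Changes nothing.
# Assumes Windows PowerShell (2.0-5.1), an elevated prompt and English netstat output.

$ports = 3388, 3389   # ports named in the post; RDP listens on TCP 3389 by default

# Display names from services.msc mapped to their service names
$services = @{
    'Remote Desktop Configuration' = 'SessionEnv'
    'Remote Desktop Services'      = 'TermService'
}

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or value does not exist
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function New-Finding($Check, $Found, $Hardened) {
    New-Object PSObject -Property @{ Check = $Check; Found = $Found; Hardened = $Hardened }
}

$report = @()

foreach ($display in $services.Keys) {
    $svc = Get-WmiObject Win32_Service -Filter "Name='$($services[$display])'"
    if ($svc) {
        $report += New-Finding $display "StartMode=$($svc.StartMode), State=$($svc.State)" ($svc.StartMode -eq 'Disabled')
    } else {
        $report += New-Finding $display 'service not present' $true
    }
}

# 1 = Remote Desktop connections are refused
$deny = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' 'fDenyTSConnections'
$report += New-Finding 'Remote Desktop connections' "fDenyTSConnections=$deny" ($deny -eq 1)

# 0 = the "Allow Remote Assistance..." box is unchecked
$help = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance' 'fAllowToGetHelp'
$report += New-Finding 'Remote Assistance' "fAllowToGetHelp=$help" ($help -eq 0)

# Any local TCP listener on the ports of interest (IPv4 and IPv6 rows)
$open = @(netstat -ano | ForEach-Object {
    if ($_ -match '^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING') { [int]$Matches[1] }
} | Where-Object { $ports -contains $_ } | Sort-Object -Unique)
$report += New-Finding 'Listeners on 3388/3389' ("open: " + ($open -join ', ')) ($open.Count -eq 0)

$report | Select-Object Check, Found, Hardened | Format-Table -AutoSize
```

Rows with `Hardened` set to `False` are the ones to revisit; a missing registry value is reported as `False` because its state cannot be confirmed.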