Microsoft is now advising users running Windows 7 and Windows XP to download and install the latest update to protect their devices and data from a possible widespread attack.
According to a new report from The Verge, the software giant recently issued a fix to address a critical remote code execution vulnerability hidden in the Remote Desktop Services (CVE-2019-0708) on Windows 7, Windows XP, Windows Server 2008 R2, Windows Server 2008, and even Windows Server 2003.
The company says that it hasn’t seen any exploits as a result of this vulnerability, but it shouldn’t take long until malicious individuals create malware based on this update.
In addition, Microsoft’s Simon Pope reveals that this “vulnerability is pre-authentication and requires no user interaction,” which means that “the vulnerability is ‘wormable’” similar to the “WannaCry malware spread across the globe in 2017.”
The good news is that Windows 10 and Windows 8.x are not affected by this problem. However, the company is releasing updates to keep older and unsupported version of Windows protected against this vulnerability.
If you’re still running Windows 7, the update should install automatically, but if you’re still on Windows XP, you’ll need to download and install the update manually from the Microsoft Update Catalog website.