Microsoft and the Federal office for information security (BSI) warn of a dangerous security vulnerability in Windows. It is located in the remote maintenance service, and could be exploited without the Intervention of the User, says the BSI. Possible about an attack with malicious software, which spreads the worm-like self. Affected all versions of Windows up to Windows 7. Not Windows 8 and 10 are affected, according to Microsoft.
users should install the existing Updates immediately and manually before it comes to major damage, advises the authority. Microsoft provides the updates to Download here - for Windows versions such as XP, (here), which are no longer officially supported.
A possible attack could spread very quickly in an automated manner on many computers, similar to the so-called Wannacry attack in 2017, explaining both Microsoft as well as BSI. This worm attacked in 2017, rapidly, more than 100 000 computers in 150 countries. He encrypted the data on the computers. To get them back, demanded the anonymous attacker to ransom. In hospitals, he put the Computer and the MRI scanner to a halt and factories could no longer produce.
The concerned remote maintenance service is not activated according to the BSI in the rule by default. He will, however, be used for the remote maintenance of many servers.
An active Exploit of the vulnerability, the BSI could not yet determine, however, With its publication was to be assumed, that attackers have begun to develop very quickly in malicious software.