Windows XP and 7 vulnerable to an attack similar to WannaCry

The flaw identified by Microsoft could allow hackers to take control of a remote computer by using an arbitrary code execution attack. This kind of attack consists in exploiting a vulnerability in the defenses of a system to force it to give access to functionalities against the will of its owner.

For example, an attacker could gain administrator rights and then make changes to the computer or access otherwise unreachable data.

A major flaw

The flaw is so important that Microsoft was an exception to its habit by issuing updates for Windows XP and Windows Server 2003, two versions that are no longer officially supported by the company. These updates are on a specially created page for them on the Microsoft site.

Windows 7, Windows Server 2008, and Windows Server 2008 R2 are also subject to a downloadable security update either through Windows Update or directly on the bug page.

These updates should be immediately applied by users of vulnerable versions of Windows.

Windows 8 and 10 are not affected by this problem.

Hints of WannaCry

Microsoft has not seen an exploit exploiting the vulnerability revealed on Tuesday, but hackers could study security updates to try to design a malware that can take advantage of it.

The WannaCry virus caused headaches in many parts of the world in 2017 when it spread rapidly over large networks . This ransomware had the effect of encrypting the data of infected computers before asking for a ransom to restore access.

In particular, he had paralyzed the computer systems of the British health network. In Canada, the University of Montreal and Cambrian College were also affected.