GCHQ’s NCSC finds WannaCry-bad, wormable bug; Microsoft even to patch Windows XP

Credit: ID 92627644 © Freehand2 |

Microsoft on Tuesday released patches for 79 vulnerabilities for May’s Patch Tuesday, but one of them affecting a feature called Remote Desktop Services (RDS) stands out because and has even warranted a rare patch for Windows XP. 

Windows 10 PCs aren’t vulnerable to this RDS bug  so consumers can breath a sign of relief, but this “critical” rated vulnerability is worth paying attention to for anyone responsible for networks that have older versions of Windows, from unsupported Windows XP to the still-supported Windows 7. 

Microsoft last patched Windows XP in the wake of WannaCry, which used the National Security Agency’s (NSA) leaked Eternal Blue exploit to spread within networks. The malware encrypted files on thousands of computers at the UK’s National Health Service. 

The WannaCry attack, which happened this month two years ago, was eventually blamed by Five Eye nations on North Korean government hackers

Microsoft’s unscheduled May 2017 update in response to WannaCry was the first time in three years it had patched unsupported versions of Windows, including most notably Windows XP. Microsoft described it as a “highly unusual step”.