Massive Windows 10 Security Vulnerabilities Discovered

How to protect yourself from the wormable vulnerabilities that could affect 800m Windows 10 computers.

Yesterday (13/08/2019) Microsoft released a set of fixes for the Remote Desktop Services in Windows 10, including two critical Remote Code Execution vulnerability fixes, in its Security Response Center. And both Microsoft and ourselves are urging all Windows 10 users to apply those fixes immediately!

The two critical vulnerabilities in the Remote Code Execution are wormable, meaning that future malware that exploited them could spread from PC to PC without ANY user interaction, quickly infecting hundreds of millions of computers around the world.

The vulnerabilities were discovered by Microsoft during their ongoing attempts to make Windows 10 (and indeed, Windows 7, 8.1 and Windows Server) more secure. It is not thought that the vulnerabilities are known to third parties, but the they are still urging users to patch their systems as quickly as possible.

Which Versions of Window Are Affected?

The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.

Windows XP, Windows Server 2003, and Windows Server 2008 are not affected, nor is the Remote Desktop Protocol (RDP) itself affected.

How To Protect Your Windows 10 PC

Step 1 – If you have Automatic Updates enabled on your computer, the fixes should already have been applied, but it is worth checking in Settings > Updates & Security to see if you have any updates awaiting installation.

windows 10 updates

Step 2 – Click the Check for Updates button and wait for the search to finish and any available updates to be displayed. You will be looking for an update called “2019-08 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4512508)” or similar.

Step 3 – Alternatively, if you are worried that the patches haven’t been added automatically, you can go to CVE-2019-1182, look for your version of Windows in the list and download the security update manually. If you are unsure which version of Windows 10 is currently running on your computer, you can find out in Settings > System > About, and then scroll down to “Windows Specification”.

Find more guides like this in…

Russ Ware

Russ has been testing, reviewing and writing guides for tech since the heady days of Windows 95 and the Sega Saturn. Working for international publications in both print and online, if it has LED's, a screen, beeps or has source code, Russ will want to master it (and very likely take it apart to see how it works...)

Related Articles

Leave a Reply

Back to top button
Close