As of two days ago, Microsoft patched a bug that has been affecting their systems for around 15 years, which could potentially allow an attacker to run scripts or take control of PCs running any version of Windows.  The problem, is that this vulnerability will remain unpatched for any system running Windows Server 2003.

This vulnerability is critical in relation to any network using Active Directory.  This bug is exploitable either locally or from a remote location, and may grant attackers administrator level access to the device.  Unfortunately, this cannot be fixed as easily as other known vulnerabilities because it is found in the core of Windows.  Microsoft states that the highest threat is to organizations that still use Windows 2003, which will only be supported into mid-July.

Microsoft recommends that all systems get patched, and if admins seek further guidance, they should check out: Microsoft Support

 

Related articles

 

Need-to-Know Privilege Explained

Need-to-Know Privilege Explained

In this blog post and video, we explore need-to-know privilege in cybersecurity and why it’s important for organizations to assign user permissions on a need-to-know basis.

read more

Pin It on Pinterest

Share This