Users of obsolete Windows versions get unlooked for benefit

Owners of Windows XP, Windows 2003, Windows 7 and Server 2008 got an unexpected present from Microsoft recently.

All of the OS's mentioned above have reached the end of their support lives and the company hasn't been issuing new security updates for them. However, they made a rare exception in the case of patching CVE-2019-0708.

CVE-2019-0708 is a critical security flaw that allows hackers to exploit the Remote Desktop Service and gain access to a target system without any authentication.

Windows 8 and later versions are unaffected by this flaw, but there are millions of vulnerable users still on the older operating systems we named above who are vulnerable.  Microsoft threw them a lifeline releasing the patch that addressed this issue, along with 79 other security flaws.

Malware affected these end-of-life versions of Windows

Last year, the malware strain known as Wannacry swept across the globe, infecting hundreds of thousands of systems, most of which were running older OS's.  Fearing that something similar could happen this year, the company took the extraordinary step of issuing an unexpected security patch.

While the smart money says that you should already be well into making plans to migrate away from these older operating systems with little to no support, that may not be possible for everyone.  At the very least then, be sure you grab the latest security patch from Microsoft, which will undoubtedly buy you at least a bit more time.

Our perspective

Honestly though, at this point, the only safe move is to migrate to a more modern OS with all possible speed, even if it means some short-term discomfort.  Wannacry devastated thousands of businesses of all shapes and sizes. Microsoft isn't going to continue making heroic efforts to save a user base unwilling to migrate forever.

Meanwhile, check out this report

Free Executive Report: 10 Hidden IT Risks That Might Threaten Your Business

The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. We specialize in managed IT support for smaller healthcare practices, financial services firms, and nonprofits in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations. As well as providing small business technology education programs through business and professional associations.

Contact me if you would like me to speak at your association.