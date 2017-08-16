New Windows flaw could allow a WannaCry-like attack if not patched

by Doug Olenick  |  Wednesday 16 August 2017  | Comment Now
New Windows flaw could allow a WannaCry-like attack if not patched

Network administrators and computer owners are once again being implored to make sure that they have updated Windows to block a WannaCry-like vulnerability.

Check Point researchers have noted that Windows vulnerability CVE-2017-8620 is a flaw inside all current versions of the operating system that could allow worm-like malware to take hold and spread throughout a network. The fact that this is a known, patched issue with Windows make CVE-2017-8620 exactly the same as what happened with the flaw known as Eternal Blue, which was discovered, patched and then exploited in launching the WannaCry attack in May.

A Check Point spokesman told SC Media that no special hackers tool is needed and once exploited any malware would be able to use this exploit and infect computers. 

“The exact same thing could now happen with the newly discovered vulnerability, if computer users do not implement the security patch to protect endpoints and networks. The writing is on the wall. Users and organisations must learn  the lesson from the WannaCry attack, and upgrade their protections now, before it's too late,” Check point reported.

According to the Mitre organisation, the flaw impacts, “Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

In addition, the National Vulnerability Database further described the flaw as allowing unauthorised disclosure of information; unauthorised modification; and disruption of service.

This article originally appeared at scmagazineuk.com

Related Articles

Source: Copyright © SC Magazine, UK edition

See more about:  network administrators  |  wannacry  |  windows  |  windows search
 
 

More in Operating Systems (1 of 10 articles)

Windows 10 Pro for Workstations to arrive with Creators Update

NEWS

Windows 10 Pro for Workstations to arrive with Creators Update

More in Operating Systems (2 of 10 articles)

Nougat grows to 13% of all Android devices

NEWS

Nougat grows to 13% of all Android devices

More in Operating Systems (3 of 10 articles)

Apple releases iOS 11 beta 5

NEWS

Apple releases iOS 11 beta 5

More in Operating Systems (4 of 10 articles)

Android O could come out this week

NEWS

Android O could come out this week

More in Operating Systems (5 of 10 articles)

How to: Make the most of the Command Prompt with 19 of the best commands

FEATURE

How to: Make the most of the Command Prompt with 19 of the best commands

More in Operating Systems (6 of 10 articles)

How to: Start and exit Windows 10 in Safe Mode

NEWS

How to: Start and exit Windows 10 in Safe Mode

More in Operating Systems (7 of 10 articles)

Microsoft releases Windows 10 S to developers

NEWS

Microsoft releases Windows 10 S to developers

More in Operating Systems (8 of 10 articles)

Future Windows 10 updates may only land on newer hardware

NEWS

Future Windows 10 updates may only land on newer hardware

More in Operating Systems (9 of 10 articles)

Latest Windows 10 preview links your Android phone to your PC

NEWS

Latest Windows 10 preview links your Android phone to your PC

More in Operating Systems (10 of 10 articles)

10 best Android widgets

NEWS

10 best Android widgets

Latest Comments

Powered by Disqus

Latest Poll

Do you use a VPN?
View previous Polls »

From our Partners

PC & Tech Authority Downloads
 
 
 