The software giant has issued updates for its systems dating back as far as Windows XP, which was introduced in 2001 and the company stopped supporting in 2014.
The patch, Microsoft said, would close the loophole that could be used by hackers to spread a virus. According to the company, the vulnerability is pre-authentication and requires no user interaction and can self propagate.
Potentially, hackers could exploit this vulnerability to launch a global virus similar to the 2017 Wannacry worm, which infected thousands of systems.
- Edinburgh Ranked World’s 15th Most Talent-rich City
- International Police Operation Takes Down GozNym Cybercrime Gang
- Teen Commits Suicide After Instagram Poll
In a blog post about the bug, Simon Pope, Microsoft’s director of incident response, wrote: “While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.
“Now that I have your attention, it is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”
In the same blog Pope said that customers running Windows 8 and Windows 10 will not be affected by the vulnerability.
“It is no coincidence that later versions of Windows are unaffected. Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows,” he wrote.
Patches have been released for the following systems:
- Windows XP
- Windows 2003
- Windows 7
- Windows Server 2008
Roughly 3.75% of desktops currently use XP or its variants, according to market industry data. Wired said that due to the wide variety of vulnerable versions of Windows, “millions of machines were at risk”.
The company says that they’ve observed no exploitation of this vulnerability to date, but still urge customers to update their systems.