Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Slayerking92

RDP Services Remote Code Execution Vulnerability (CVSS Score 9.8) so severe Microsoft Patching XP and Server 2003

Recommended Posts

Posted · Original PosterOP

In case anyone here is still running XP.  It must be serious if M$ is making an XP patch.

Quote

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

https://krebsonsecurity.com/2019/05/microsoft-patches-wormable-flaw-in-windows-xp-7-and-windows-2003/

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

 

XP Patches are here: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

Link to post
Share on other sites

Microsoft cant kill XP/2003 lel


Main Laptop (Gearsy MK2): Ryzen 5 2500U, Vega 8 Mobile,12 GB 2400 Mhz DDR4, 250 GB 960 Evo NVME PCIE SSD  1 TB HDD, 15.6" 1080p IPS Touchscreen 

HP Envy X360 15z (Ryzen)

 

PC (Gearsy): A6 3650, HD 6530D , 8 GB 1600 Mhz Kingston DDR3, Some Random Mobo Lol, EVGA 450W BT PSU, Stock Cooler, 128 GB Kingston SSD, 1 TB WD Blue 7200 RPM

HP P7 1234 (Yes It's Actually Called That) 

 

Also im happy to answer any Ryzen Mobile questions if anyone is interested! 

 

 

 

 

 

Link to post
Share on other sites

Still have some XP machines here at work, though they're primarily for the very expensive machinery they're attached to.


The pursuit of knowledge for the sake of knowledge.

Forever in search of my reason to exist.

Link to post
Share on other sites
7 hours ago, Silentprototipe said:

Microsoft cant kill XP/2003 lel 

I think there was a story that the US Navy made a special deal with Microsoft to continue using Windows XP and get longer support for it. There's still a need for Microsoft to support them some what.

37 minutes ago, williamcll said:

It shocks me how people still use windows 8

Until recently I think Luke was using Windows 8, Windows 7 wasn't being supported for some newer titles and he still had bad experiences from Windows 10. I think he's running Linux Mint now, pretty good Linux distro for those comfortable with Windows-like environments.

 

Also, this seems like something that would be used in a CTF event using a tool like Metasploit or Armitage is Kali Linux. As you might expect, there's a ton of vulnerabilities for unpatched and outdated versions of Windows especially server editions.

Link to post
Share on other sites
8 hours ago, Captain Chaos said:

Kinda makes sense, seeing as they only really dropped support for XP POSready this April.  About 4% of Windows machines are still on XP.

1380786788_Windowsshare2019-04.jpg.b6752d234bb7331714076e716725bf8c.jpg

 

 

hmm ... also it looks like Win7 overtook Win10 again.  

I think Windows XP has always been piece of shit ready regardless of date or version.

Link to post
Share on other sites
3 hours ago, ZacoAttaco said:

I think there was a story that the US Navy made a special deal with Microsoft to continue using Windows XP and get longer support for it.

"we have the enemy ship in our reach. they are not aware of us"

"load the USB torpedos"

Link to post
Share on other sites
12 hours ago, Silentprototipe said:

Microsoft cant kill XP/2003 lel

I almost feel like XP is like the first OS where A LOT of people went from "no computer" to "computer" 

Which I guess sort of explains why people don't want to let go of it. It's all they've ever known

 

+ I guess that came before the time where people had the general realization "hey this is new now but in 7-10 years it wont be supported anymore so lets make sure we don't build ourselves into a hole"


"There is nothing more difficult than fixing something that isn't all the way broken yet." - Author Unknown

"A redline a day keeps depression at bay" - Author Unknown

Spoiler

Intel Core i7-3960X @ 4.4 GHz - Asus P9X79WS/IPMI - 12GB DDR3-1600 quad-channel - EVGA GTX 1080ti SC - Fractal Design Define R5 - 500GB Crucial MX200 and 2 x Seagate ST2000DM006 (in RAID 0 for games!) - The good old Corsair GS700 - Yamakasi Catleap 2703 27" 1440p and ASUS VS239H-P 1080p 23" - NH-D15 - Logitech G710+ - Mionix Naos 7000 - Sennheiser PC350 w/Topping VX-1

 

Avid Miata autocrosser :D

Link to post
Share on other sites
2 hours ago, bcredeur97 said:

I almost feel like XP is like the first OS where A LOT of people went from "no computer" to "computer" 

Which I guess sort of explains why people don't want to let go of it. It's all they've ever known

 

+ I guess that came before the time where people had the general realization "hey this is new now but in 7-10 years it wont be supported anymore so lets make sure we don't build ourselves into a hole"

To be fair.  For non-enthusiast folks, computers really can run for a LONG time.

 

I just got an original Mac mini Core Solo (from 2006) up and running on ubuntu linux not that long ago, and if all you did was e-mail and some occasional web usage and looking at some photos on it, it'd still be fine (Firefox works fine, just slow, and streaming video isn't ok).  So, for the majority of "normal home" usage cases, like that and writing some documents, it is fine even if not snappy.  Most people would then just use their phone/tablet for the majority of web and streaming usage these days anyway, preferring a new one of those to a new computer, letting older computers live even longer.

 

So, while for us tech people, that would be out of the question…my mom is still VERY happy with her 2012 Mac mini and it shows no signs of being slowed down, even when running lots of things at once, including streaming content to the AppleTV in the living room from the office, except when she's editing large RAW photos from her DSLR.

Link to post
Share on other sites

I know why they do this - with things that are particularly serious they feel a responsibility to protect people - but frankly I'm not a fan of them going back and patching super obsolete systems like this.  I think there's several downsides to it.  For one, it gives people a false impression that it's ok to still be using these systems - "oh, it still gets the important patches, it must be safe", when in fact, of course it is not.  It also undermines the whole concept of supported vs not supported, and gives people an excuse to hang on even longer.  I know there's people who for some reason or another are obsessed with defending and clinging to obsolete things and come up with all sorts of absolutely asinine reasons for it based on the most ridiculous mental gymnastics, and for them, they'll see this patch as a win, and take offence at the very idea that maybe XP has had its day and should be put to rest.  I have to imagine this is because they're either still developing for these platforms or were part of the decision to use them in wherever they work and have to defend their decision to avoid feeling like an absolute fool.  I think it's important that companies, and everyone in general, realizes that these are by far not the majority and not the people we should be taking direction from.  If they had their way, we'd still be making finger paintings with blood on the side of our cave walls because it's still superior to pen and paper in durability.  It's time to leave these systems behind, and if necessary, the people who use them.  The world evolves as time passes.  Accept it and move with it.  Maybe even consider being one who drives it forward instead of trying to weigh it down like a technological boat anchor.

Link to post
Share on other sites
9 hours ago, justpoet said:

To be fair.  For non-enthusiast folks, computers really can run for a LONG time.

 

I just got an original Mac mini Core Solo (from 2006) up and running on ubuntu linux not that long ago, and if all you did was e-mail and some occasional web usage and looking at some photos on it, it'd still be fine (Firefox works fine, just slow, and streaming video isn't ok).  So, for the majority of "normal home" usage cases, like that and writing some documents, it is fine even if not snappy.  Most people would then just use their phone/tablet for the majority of web and streaming usage these days anyway, preferring a new one of those to a new computer, letting older computers live even longer.

 

So, while for us tech people, that would be out of the question…my mom is still VERY happy with her 2012 Mac mini and it shows no signs of being slowed down, even when running lots of things at once, including streaming content to the AppleTV in the living room from the office, except when she's editing large RAW photos from her DSLR.

So are you saying that because XP can still do the tasks that average people use that companies should be forced to keep maintaining them until they can't adequately receive an email?  XP is 18 years old. and trying to keep it running safely will come at the cost of resources going into OS that support new hardware for everyone else.

 

Besides all that, if the only thing the average users does is email and word then a $300 laptop every 5 to 6 years is a better proposition than being stuck in the dark ages of technology.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Link to post
Share on other sites
1 hour ago, mr moose said:

So are you saying that because XP can still do the tasks that average people use that companies should be forced to keep maintaining them until they can't adequately receive an email?  XP is 18 years old. and trying to keep it running safely will come at the cost of resources going into OS that support new hardware for everyone else.

 

Besides all that, if the only thing the average users does is email and word then a $300 laptop every 5 to 6 years is a better proposition than being stuck in the dark ages of technology.

No, I'm saying that most people who have it just say "it works" and don't upgrade anything, because the mindset is "why spend ANY money on it when it is already fine?"  They don't see it the same way we do.  To them it is just like the washer and dryer.  It is an appliance that works until it doesn't.

Link to post
Share on other sites
16 hours ago, Ryan_Vickers said:

I know why they do this - with things that are particularly serious they feel a responsibility to protect people - but frankly I'm not a fan of them going back and patching super obsolete systems like this.  I think there's several downsides to it.  For one, it gives people a false impression that it's ok to still be using these systems - "oh, it still gets the important patches, it must be safe", when in fact, of course it is not.  It also undermines the whole concept of supported vs not supported, and gives people an excuse to hang on even longer.  I know there's people who for some reason or another are obsessed with defending and clinging to obsolete things and come up with all sorts of absolutely asinine reasons for it based on the most ridiculous mental gymnastics, and for them, they'll see this patch as a win, and take offence at the very idea that maybe XP has had its day and should be put to rest.  I have to imagine this is because they're either still developing for these platforms or were part of the decision to use them in wherever they work and have to defend their decision to avoid feeling like an absolute fool.  I think it's important that companies, and everyone in general, realizes that these are by far not the majority and not the people we should be taking direction from.  If they had their way, we'd still be making finger paintings with blood on the side of our cave walls because it's still superior to pen and paper in durability.  It's time to leave these systems behind, and if necessary, the people who use them.  The world evolves as time passes.  Accept it and move with it.  Maybe even consider being one who drives it forward instead of trying to weigh it down like a technological boat anchor.

It feels as if Microsoft is facing punishment for its "legacy support above all else" mindset from years past, where it insisted on maintaining compatibility at the expense of progress.  In that sense, Apple has had the right idea for a long time -- you sometimes need to give users a push if you're going to move technology forward.

Link to post
Share on other sites
6 hours ago, Commodus said:

It feels as if Microsoft is facing punishment for its "legacy support above all else" mindset from years past, where it insisted on maintaining compatibility at the expense of progress.  In that sense, Apple has had the right idea for a long time -- you sometimes need to give users a push if you're going to move technology forward.

MS didn't insist on any of that, consumers demanded it.  When their OS is running everything from nuclear submarines to high precision and extremely lean manufacturing plants, they couldn't afford to not support legacy.  

 

EDIT: in fact they tried to get away from it much earlier but that older tech is so entrenched in some services that companies elected to spend millions on further support rather than billions on upgrading everything.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Link to post
Share on other sites
On 5/15/2019 at 7:24 AM, williamcll said:

It shocks me how people still use windows 8

Its people that bought a system during that era and just never bothered to upgrade for reasons such as not having time or being production equipment where if it ain't broke, don't fix it.

 

My networking teacher was running a laptop with 8.1 until 2 weeks ago. he only upgraded because he bought a new laptop.


this is one of the greatest thing that has happened to me recently, and it happened on this forum, those involved have my eternal gratitude http://linustechtips.com/main/topic/198850-update-alex-got-his-moto-g2-lets-get-a-moto-g-for-alexgoeshigh-unofficial/ :')

i use to have the second best link in the world here, but it died ;_; its a 404 now but it will always be here

 

Link to post
Share on other sites
On 5/15/2019 at 1:01 AM, ZacoAttaco said:

I think there was a story that the US Navy made a special deal with Microsoft to continue using Windows XP and get longer support for it. There's still a need for Microsoft to support them some what.

Not surprising, I still see some rare XPs used by the Army and AirForce as well.

Along with some W7s too.

On 5/15/2019 at 4:58 AM, leadeater said:

"Raise 5.25" floppy shields!"

....

....

Put tapes with that as well. 

On 5/15/2019 at 8:14 PM, justpoet said:

No, I'm saying that most people who have it just say "it works" and don't upgrade anything, because the mindset is "why spend ANY money on it when it is already fine?"  They don't see it the same way we do.  To them it is just like the washer and dryer.  It is an appliance that works until it doesn't.

Sums up how a good chunk of my relatives view computers.  Though, good chunk of them no longer use desktops anymore.


Just a nutty gal that abuse hardware with F@H and BOINC.

F@H & BOINC Installation on Linux Guide

My CPU Army: 4690K Delid, E5-2670V3, 1900X, 1950X, 5960X J Batch

My GPU Army:960 FTW at 1551MHz, 1080Ti FTW3, 1080Ti SC, 1070 Hybrid, 2x Titan XP

My Console Brigade: Gamecube, Wii, Wii U, Switch, PS2 Fatty, PS4 Pro, Xbox One S, Xbox One X

My Tablet Squad: iPad 9.7" (2018 model), Samsung Tab S, Nexus 7 (1st gen)

 

Hardware lost to Kevdog's Law of Folding

OG Titan, 5960X, ThermalTake BlackWidow 850 Watt PSU

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Buy VPN

×