Tech Talk: Flaws in Windows 10 causing concerns

by Ben Mims

Last week I had several customers ask me what is the new “worm” or “Windows Exploit” that I’ve been hearing about. So I thought we could touch on this subject.

Last week Microsoft released an update that they discovered four serious flaws in Windows 10 that the company fears could lead to launch a computer worm targeting PCs and servers across the world.

The four flaws are what the company calls “wormable,” meaning that it could pave the way for malware that automatically spreads from one vulnerable machine to the next, without any action from the user. Windows 7, and Windows 8.1 are also affected, however Windows XP is immune from the theat.

The vulnerabilities are within the Remote Desktop Service (RDS) feature in Windows, in which IT administrators and users can activate to gain remote control of their Windows computer on a network or over the internet. Normally, the access requires a correct login and password, but Microsoft's researchers discovered an unauthenticated attacker can break into an RDS-enabled computer by sending specially crafted data requests.

This could be very dangerous because once a hacker has access to a computer, the hacker can take control of the computer and do whatever the hacker pleases such as install malicious software, delete data, copy data, you name it.

The good news is Microsoft has rolled out an update that can be downloaded from their website or by simply applying the windows update. There is even more good news, Windows Home Edition computers don’t even come with RDS, and the Windows Pro Editions that do come with it, have it turned off by default.

If you have any questions regarding this you can email me at ben@benmims.com or call the office at (903) 683-0066.