Microsoft patches Critical RCE bug in unsupported OS

Microsoft patches Critical RCE bug

In case you missed it in the May security updates, Microsoft also provided patches to plug a critical remote code execution (RCE) vulnerability in older Windows XP and Windows Server 2003 operating systems (OS).

In most cases, customers running older OS, like Windows XP, no longer receive patches as they are out of mainstream support and are at much great risk of vulnerability exploits.

Microsoft must of felt the risks were just too great as the company made an exception to patch a Remote Desktop Services RCE vulnerability CVE-2019-0708 in unsupported Windows XP and Windows Server 2003.

“Given the potential impact to customers and their businesses, we made the decision to make security updates available for platforms that are no longer in mainstream support (see download links in the following table). These updates are available from the Microsoft Update Catalog only. We recommend that customers running one of these operating systems download and install the update as soon as possible,” Microsoft stated in the customer guidance advisory.

The patches for CVE-2019-0708 were made available for the following OS:

  • Windows XP Professional x64 Edition SP2
  • Windows XP Embedded SP3 x86
  • Windows Server 2003 SP2 x86
  • Windows Server 2003 x64 Edition SP2

Users of these outdated OS should download and install the updates as soon as possible.

Check out more details on the May Security Updates.