Microsoft has released its most recent round of patches and urgently advises all users to update their operating system. This is because it has disclosed the existence of a bug that could potentially leave anyone running Windows vulnerable to remote installation of malicious code.
While the security update mainly makes reference to Windows Servers, the issue also extends to any system set up to listen for open ports or accept encrypted connections. Microsoft has not mentioned too many details about the vulnerability, possibly to prevent hackers from attempting to replicate it and attack systems that have managed to go unpatched. All that is known is that an open port will allow code to be remotely executed on the target computer; which could bring all sorts of potential problems and data theft.
The company mentions that there are no mitigating factors or workarounds for the vulnerability, leaving users to either update their operating systems or remain vulnerable. Fortunately, there does not appear to be any day-zero exploits for the bug at large at the moment. That doesn’t mean these won’t start appearing after this revelation.