Microsoft: Critical worm hole could be exploited within 30 days

Listen up, this one is serious.

There is a critical vulnerability in many versions of Windows, which could be exploited to spread a worm automatically between vulnerable computers.

Microsoft has issued a patch, urging owners of vulnerable PCs to fix their computers as a matter of urgency.

Remote desktop settings

Sign up to our free newsletter.
Security news, advice, and tips.

The vulnerability lies in a part of Windows called the Remote Desktop Protocol (RDP) and could allow malicious hackers to run code – without the users’ permission. That’s obviously much more serious than a vulnerability which relies upon a user to click on an attachment, or be tricked into running a piece of code.

The security hole affects Windows XP and all versions of Windows released since, including the developer preview of Windows 8.

The nature of the vulnerability, and the fact that it impacts such a wide range of Windows computers, makes it very attractive to attackers.

In a blog post, Microsoft predicted that an exploit would be created for the vulnerability within 30 days:

"Due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days."

Windows logo with wormIf Microsoft is prepared to say something like that, you really should sit up and pay attention.

The good news is that by default, RDP is not enabled on Windows, and if RDP is disabled you’re not at risk. The bad news is that RDP has been frequently enabled by IT teams inside enterprises.

Microsoft is strongly encouraging Windows users to apply the MS12-020 security patch, but if your company cannot roll it out in a timely fashion has published information about other methods of reducing the chances of a threat impacting your organisation.

Image of worm courtesy of Shutterstock.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.