This means that over time, hackers might discover new security holes that will no longer be patched and might take advantage of that, such is the case with Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. Recently, Microsoft has announced that these versions of Windows are vulnerable to remote code execution in its Remote Desktop Service found in these builds of Windows.
According to the company, “This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
Thankfully, they have since released a patch which owners of those versions of Windows should download and apply it to their computers. Microsoft notes that newer versions of Windows, such as Windows 8 and Windows 10 are not affected by this, so if you are running on either of those versions, there is no action required on your end.