The Microsoft Tax: Critical Windows flaw affects millions of high-value PCs with self-replicating attacks

“Microsoft has plugged a critical hole in all supported versions of Windows that allows attackers to hit high-value computers with self-replicating attacks that install malicious code with no user interaction required,” Dan Goodin reports for Ars Technica.

“The vulnerability in the Remote Desktop Protocol is of particular concern to system administrators in government and corporate settings because they often use the feature to remotely trouble-shoot e-mail servers, point-of-sale terminals and other machines when they experience problems,” Goodin reports. “RDP is also the default way to manage Windows machines that connect to Amazon’s EC2 and other cloud services.”

Goodin reports, “That means potentially millions of endpoints are at risk of being hit by a powerful computer worm that spreads exponentially, similarly to the way exploits known as Nimda and Code Red did in 2001… The bug affects Windows XP and all versions of Windows released since, including the developer preview of Windows 8.”

Read more in the full article here.

MacDailyNews Take: Good thing you “saved” a few bucks when you procured those Dell boxen, right Mr. IT Doofus?

How about you stop screwing your users for a change, dummy?

One acronym: TCO.

And, there’s really only one true “high value” personal computer and it’s immune.

[Thanks to MacDailyNews Reader “Grapho” for the heads up.]


45 Comments

    1. When I hear someone say that, or the “security through obscurity” BS, I always ask them to name one osx virus.

      Lately I’ve had to explain to the idiots the difference between a virus and a Trojan horse.

        1. Funny thought… Instead of being roused at 3 am because of a howling dog… do you wake up to “DEVELOPERS! DEVELOPERS! DEVELOPERS!”

          I’m curious as to how you manage to retain your sanity

  1. Microsoft’s security issues are compounded by the large subset of Windows users (especially in enterprise) who still use Windows XP. I believe the XP percentage is STILL larger than for Windows 7. It must be like trying to patch up an old leaky roof (rather than ripping it out and installing a new roof). It doesn’t matter how secure Windows 7/8 becomes if so many users are still using XP.

    Now, those enterprise XP users will need to upgrade at some point. The next few years provide Apple with a MAJOR opportunity to convert those users en masse to Mac. With Microsoft releasing the “kludge” that is Windows 8 (and eventually ending support for XP), Apple needs to emphasize how Mac OS X Lion and Mountain Lion will actually feel MORE familiar to long-time Windows XP “desktop computer” users.

    1. I think it was last week where I saw a report that Windows 07 has passed XP. However, it was one of those web usage reports, so take it with a bit of salt. Me, I’m using a 5 lb. salt lick block.

  2. The value is ALWAYS in the data…never the hardware.

    Speaking of which…The DOJ doesn’t want any info on the collaboration between Google and the NSA leaking out.

    Can you wonder why? Do you really really trust your gMail?

    Come on now and tell the truth! Same for other mail systems?

    1. Remember how Windows Vista was supposed to be a total OS rewrite and was going to finally be ‘SECURE!’. Oops.

      Remember how Windows 7ista was supposed to overcome all the BUGS and PROBLEMS in Vista? Oops.

      Remember how Windows L8 was supposed to be a WHOLE NEW USER EXPERIENCE! Oops.

      Vista, 7ista, L8 = Windows XP in a fancy new dress. Darn. They all still have Microsoft disease.

  3. Hell, even Disney, who have no excuse, use crap PCs everywhere, still do not support iPortable devices for a lot of stuff on their web site. Even their newest ships that boast the best of everything are all Windows from what I can tell in their ads.
    So how come their CEO sits on Apple’s Board?

  4. Corporations need Apps. Yeah, starting from a green field where you have no legacy investment is easy. Run your MDN site off some quickbooks-a-like in OS X no problem, but where are the SMB apps for ERP on OS X? Your vendors or suppliers have Windows apps? (yes – duh) and you are required to use to place orders? Guess I’m running Parallels then. Now I am all open to Windows again. Plus, what’s the only full featured messaging platform for the mid market? Exchange that’s what.

    So it isn’t that easy to wave a wand and erase legacy infrastructure, supply chain, process, systems, not to mention the training to use them and frankly the expertise to evaluate which ones make sense for a company that measures revenues in 9 or 10 digits. And oh yeah, budgets are tight for CapEx.

    So MDN chill your Commentary as if people who buy Windows boxes aren’t doing what’s right for the company tactically and looking for strategic ways to make their move.

    Replacing infrastructure with SaaS offerings is the key to platform agnostic workstations, but it takes years in large companies because there are many interconnected systems all tied to business process.

    Think about it.

    1. While it’s clear you’re right from the chicken-and-egg standpoint of platform dependence, I think you give CTOs too much credit.
      I very much doubt they are looking to make a move at all because that move is off a cliff toward the “consumerization” of IT, where they don’t have nearly the sway or power they are used to.

    2. Me

      I will agree that legacy is a big problem and ultimately might be the downfall of Microsoft. Yes, that is a problem, but all problems have solutions and it takes a great person to take on those challenges and fight. I have been fighting that fight for several years now and have finally seen the tipping point and we have been set free. Not completely but management and the ownership see real world savings and time in the return.
      Good luck, it’s a good fight and one worth fighting.

  5. Well the first question to ask is who in their right mind allows RDP through a firewall? The answer is no one in their right mind which is why there is a story about a patch and not widespread mayhem.

    I’m not saying it’s not an issue or concern, and MS’s security blunders are legend at this point; however, this is not going to spread like Code Red since RDP is not traversable over any firewall I know of by default.

    I guess I should get the patch. DOH! I almost forgot I’m on a Mac so it’s no problem!

    1. Having been around the corporate world for a while, there’s the way things should be done and the way that a lot of people do things. They are usually not the same.

      1. It would require a machine in the DMZ zone, or you’d need to specifically configure your firewall and routers to allow an open RDP connection on your external internet IP to route to a machine. If someone is running that naked they deserve it and the security officer needs to go.

        The only real avenue I can come up with is a guy takes his laptop home and gets infected, comes back to work and plugs back in on the LAN. Even that might not work depending on how Windows is configured on the laptop.

        It’s a serious flaw and another nice reminder of Redmond’s stellar attention to detail but I don’t see this being capable of widespread infection.

        This thing could have been a monster in 2002 but security on a corporation level has come a long way in 10 years. We have actual best practices and documented processes now.

        I know of no one in IT who has had a system hit with this.

        For peace of mind I recommend a Mac and just the news of this exploit being there can only help the apple cause in the end.

        So maybe the damage will really be done at a subconscious level lol
