Microsoft Says Computer Bug Could Be Exploited By Malware


Microsoft has warned that a patched computer bug affecting some of the older versions of Windows could be used as a weapon in the vein of the WannaCry worm, which infected countless computers with ransomware, according to a report by The Wall Street Journal.

Although it’s not yet clear what the impact might be, Microsoft said that, now that the flaw has been exposed, the company thinks it’s “highly likely” it will be used by malicious software.

Any “future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe,” Microsoft said in a blog post.

The bug affects Windows 7, Windows Server 2008, Windows 2003 and Windows XP. The latter two versions don’t normally get patched by Microsoft because they’re so old, but because of the potential mayhem the bug could cause, Microsoft took the unusual step of doing so.

Windows 10 and Windows 8 users won’t be affected by the flaw, Microsoft said.

“This is certainly one to take seriously,” said Chris Coulter, vice president of technology with BlackBerry’s Cylance security group.

The WannaCry attack spread very quickly, and it infected 200,000 systems around the world with ransomware — which freezes a computer and makes it useless while it demands a digital ransom. Computers at Nissan, FedEx and England’s National Health Service were all affected.

It could potentially have been even worse, but a security researcher activated a “kill switch” feature which prevented the worm from spreading any further.

On Tuesday (May 14), Facebook patched a bug of its own, one that affected WhatsApp, its encrypted messaging service, after the company revealed that hackers found a way to install spyware on mobile phones using a bug in the voice-calling feature.

Coulter said the move is interesting because most people use WhatsApp for its security features, especially the app’s end-to-end encryption capability.

“Myself and millions of others inadvertently put all that at risk by blindly trusting the app,” he said.