Although many Windows users do not have remote access features on their home computers, business computers or people working remotely and reconnecting to the office may be most affected, according to Michela Menting, a cybersecurity expert at ABI Research.
How big a deal is this?
Windows 10 runs on about 1.3 billion devices worldwide, according to market research firm CCS Insight, so the scope of the vulnerability is massive. “This is a big deal because Windows 10 is the most popular desktop OS out there with over 75% market share,” Menting said.
Because Windows 10 is used by desktops as well as some servers, it could potentially allow hackers to infiltrate a network “very quickly” and get in “virtually anywhere to find the most lucrative databases and systems,” Menting said. .
When Sangfor shared a proof-of-concept exploit code on the Microsoft-owned code hosting platform Github, it was copied by users before being deleted.
How to download the patch
Menting said a buggy patch is in many ways like “years of cybercrime” and adds that it is “very likely” ransomware attacks or data theft may occur as a result. “There is no doubt that not all companies will have updated their operating system before attackers come in,” she said.
The great takeaway
Still, the incident serves as a reminder to both businesses and consumers to routinely update any kind of software to ensure that affected systems are not left exposed. For anyone who thinks they may be at risk of a vulnerability or not sure, Menting suggested disabling affected features until a company launches an official solution.