Many customers with older computers don’t bother to keep their systems updated. After all, it’s worked all this time, so why worry about all this new stuff? And, of course, the longer you leave it, the more of a pain it is to actually do the update: it’ll take hours, and probably break everything or slow the computer down.
This week, Microsoft issued an urgent patch to deal with a serious bug, WinShock, that allows hackers to remotely take over computers. The problem was found in some old code that’s been part of Windows for a long time – at least 19 years. It has the potential to be as damaging as the Heartbleed bug that was discovered a few months ago. Microsoft assess the threat level as critical – their most severe threat level. WinShock has been assessed by security experts as scoring 9.3/10 on the Common Vulnerability Scoring System (CVSS), a measure of severity in computer security.
Because this code is so old, it affects versions of Windows that go back to 1995, including:
- Windows 95
- Windows 98
- Windows ME
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
It’s a measure of the severity of the problem that Microsoft are even releasing an XP patch even though it’s no longer officially supported. As they say:
An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
We generally recommend that if you’re using an operating system of this age, you should very seriously consider upgrading. A new operating system will be faster, more secure, and more compatible with other devices. It needn’t be a major expense.
However, if you are determined to stick with your existing system, then don’t neglect the updates and keep your computer as safe as it can possibly be. Call us any time if you need help.