Another NSA tool makes Windows XP vulnerable to cyberattack

The world has started recovering from the wrath of WannaCry and reports of another exploit leading to levels of destruction similar to the WannaCry ransomware has started haunting Windows 2003 Server and XP systems. The exploit is called EsteemAudit and was stolen from NSA by the notorious hacker group known as Shadow Brokers.

According to information from Softpedia, EsteemAudit is based on one vulnerability in the RDP service in Windows XP and Windows Server 2003, targeting port 3389 on unpatched systems. Attacks can be tweaked to include wormable malware, which means that once it infects a Windows XP system within a network, infections can then spread across all the other systems using other forms of malware.

This could target all the Windows XP systems connected to the Internet vulnerable to some malware developed through this tool and spread within LAN networks as well. Microsoft hasn’t released a security patch for this issue yet. But a third party security developer, known as enSilo, has rolled out a fix for the vulnerability for all Windows XP and Windows Server 2003 machine. You can get the fix for your system here.

With constant cyber threats to these older systems, it is advisable to upgrade to the latest versions of Windows and keep your data safe.

(Source)