Alert Priority HIGH: Update Windows platforms to protect yourself from a security threat

17 May 2019

What’s happened?
Microsoft has released a software update to fix a security flaw in some older versions of Windows including Windows 7, Windows XP, Windows Server 2008 and 2008 R2. The update addresses a vulnerability that attackers may use to gain unauthorised access or to perform other malicious activity.

Does it affect me?

If you are using an older version of Windows including Windows 7, Windows XP, Windows Server 2008 and 2008 R2 you could be affected.

If you have Windows 8 or 10, Microsoft advises you are not affected by this vulnerability.

To find out which Windows operating system you’re using check the Microsoft website.

How do I stay safe?
To protect yourself you should install the software update to older versions of Windows as soon as possible. Microsoft has issued customer guidance on how to update older Microsoft operating systems.

Why is using current software important?
Microsoft will not provide official security updates or fixes to Windows 7 after 14 January 2020. To ensure you are using secure software that is supported by Microsoft you should consider upgrading to Windows 8 or 10 in the near future.

More information

Microsoft issued a blog post about the potential impact to customers using affected platforms including advice on mitigation strategies.

Learn more about software updates from Stay Smart Online.

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.
Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.Disclaimer
This information has been prepared by the Australian Cyber Security Centre (‘the ACSC’). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.