Log in
Forgot password ?
Become a member for free
Sign up
Sign up
Dynamic quotes 

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Microsoft Corporation    MSFT


News SummaryMost relevantAll newsOfficial PublicationsSector newsMarketScreener StrategiesAnalyst Recommendations

Microsoft : Warns of Monster Bug, In a Week of Them--2nd Update

share with twitter share with LinkedIn share with facebook
share via e-mail
05/15/2019 | 01:22pm EDT

By Robert McMillan

Microsoft Corp. took the unusual step of warning that a computer bug it has now patched could be used by a cyber weapon similar to the WannaCry worm, which spread across the globe two years ago.

The bug is one of several high-profile computer-security issues to emerge this week, though the impact isn't yet clear.

Microsoft said that it hasn't seen anyone take advantage of the flaw, which affects older versions of its Windows operating system, but that it believes it is "highly likely" the flaw will wind up being exploited by malicious software, now that it has been publicly disclosed.

Any "future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe," Microsoft said Tuesday in a blog post.

The flaw affects Windows 7 and Windows Server 2008. It also affects Windows 2003 and Windows XP -- older versions of Windows that Microsoft doesn't typically patch. But, in a sign of the severity of the bug, Microsoft released XP and Windows 2003 patches as well.

"This is certainly one to take seriously," said Chris Coulter, vice president of technology with BlackBerry Ltd.'s Cylance security group.

Users of Windows 10 and Windows 8 aren't affected by the flaw, Microsoft said.

Microsoft said the best way for companies to protect themselves against the vulnerability is to upgrade to newer versions of its software, which are harder to hack and include better tools for automatic updating of patches.

In the case of the WannaCry attack, Microsoft had issued a patch months before the ransomware began spreading globally. But some companies hadn't installed the fix, either out of lax security practices or concerns about disrupting their day-to-day operations.

Any time a company deploys new code like a patch, the installation could fail or run into other glitches, or the software could end up incompatible with a company's existing programs -- potentially costly hiccups. All those issues leave companies vulnerable despite an available fix.

Plenty of companies can install software updates with little disruption. But large institutions can take months to test and deploy patches to avoid business disruptions. That patching process can be drawn out at hospitals, power plants and other critical institutions that can't afford to go offline for hours at a time, cybersecurity specialists say.

WannaCry spread quickly, and infected more than 200,000 systems world-wide with ransomware -- software that rendered computer systems unusable and demanded a digital ransom. It affected systems at England's National Health Service, FedEx Corp. and Nissan Motor Co.

The 2017 worm could have been more devastating, but it was stopped when a security researcher activated a "kill switch" feature that prevented the worm from spreading.

Microsoft's bug came a day after Facebook Inc. patched its WhatsApp encrypted-messaging application following the company's disclosure it had been used in a novel form of attack: Hackers had found a way to install spyware on mobile phones by using a bug in the voice-calling feature of WhatsApp.

The attack was used in hacking tools created by an Israeli cybersecurity firm called NSO Group Technologies Ltd, according to people familiar with the WhatsApp bug investigation.

NSO Group sells its hacking and spyware tools to law enforcement and government agencies. A spokeswoman for the company declined to say whether NSO Group had created attack code leveraging the bug, but said the company doesn't identify targets or operate its technology against them.

Three years ago, NSO Group's software was linked to an attack against Apple's iPhone.

That flaw was particularly interesting because WhatsApp is often used by security-conscious people looking to take advantage of its end-to-end encryption capability, which prevents others from snooping on messages as they are sent, Mr. Coulter said. "Myself and millions of others inadvertently put all that at risk by blindly trusting the app," he said.

On Tuesday, Intel disclosed issues in its microprocessors that could allow hackers to gain unauthorized access to data stored in a computer's memory. The new bugs are similar to last year's Spectre and Meltdown flaws, but are hard to exploit and unlikely to cause the kind of widespread havoc of a computer worm, security researchers said.

Write to Robert McMillan at Robert.Mcmillan@wsj.com

Stocks mentioned in the article
ChangeLast1st jan.
MICROSOFT CORPORATION -3.19% 133.39 Delayed Quote.31.33%
ONE STOP SYSTEMS INC -3.78% 1.78 Delayed Quote.-8.25%
share with twitter share with LinkedIn share with facebook
share via e-mail
08/23Google Puts Curbs on Political Debate by Employees--Update
08/23Google Puts Curbs on Political Debate by Employees--Update
08/23Artificial Intelligence (AI) Market 2019 Industry Analysis & Future Developme..
08/22Salesforce sees higher quarterly, FY revenue; shares rise 7%
08/22MICROSOFT : IoT Plug and Play is now available in preview
08/21Norway mulls alternatives to sluggish Europe for $1 trillion fund
08/20AZURE ARCHIVE STORAGE EXPANDED CAPAB : Faster, simpler, better
08/20It's connected devices vs consoles at biggest e-games convention
08/19Citrix Names New CFO as It Steers Toward Cloud-Based Business Model
08/19Sony to buy 'Spider-Man' developer Insomniac Games
More news
Financials (USD)
Sales 2020 140 B
EBIT 2020 48 023 M
Net income 2020 40 311 M
Finance 2020 69 656 M
Yield 2020 1,47%
P/E ratio 2020 25,5x
P/E ratio 2021 22,5x
EV / Sales2020 6,79x
EV / Sales2021 6,02x
Capitalization 1 018 B
Duration : Period :
Microsoft Corporation Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends MICROSOFT CORPORATION
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 35
Average target price 155,12  $
Last Close Price 133,39  $
Spread / Highest target 27,4%
Spread / Average Target 16,3%
Spread / Lowest Target -30,3%
EPS Revisions
Satya Nadella Chief Executive Officer & Director
Bradford L. Smith President & Chief Legal Officer
John Wendell Thompson Independent Chairman
Jean-Philippe Courtois President-Global Sales, Marketing & Operations
Amy E. Hood Chief Financial Officer & Executive Vice President
Sector and Competitors
1st jan.Capitalization (M$)
SYNOPSYS65.00%20 308
SPLUNK INC13.08%17 804
OKTA INC107.62%15 119