Microsoft is urging users to update their operating systems, including older versions of its operating system, to thwart Windows security exploits, which were discovered earlier this year in May. Simon Pope, Incident Response Director, Microsoft Security Response Center (MSRC) writes in the company’s official blog that the company has released a fix for a remote remote code execution vulnerability of CVE-2019-0708 in Remote Desktop Services. “Nearly one million computers directly connected to the Internet are still at risk for CVE-2019-0708,” Pope wrote. The company notes that Windows 8 and Windows 10 are not affected by this vulnerability.

Microsoft says CVE-2019-0708 vulnerabilities are ‘worms’ and future malware that will exploit vulnerabilities. This means that the malware may be able to spread to computers in the same way that WannaCry malware spread a few years ago.

“It’s only been two weeks since the fix was released and there are still no signs of worms. This does not mean that we are out of the forest. If we look at the events leading up to the WannaCry attack, they warn of the risks of not implementing the correction for this vulnerability in a timely manner, “Pope notes.

Weak in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008, while Windows 2003 and Windows XP are weak systems that are no longer supported by the company.