<img alt="" src="https://secure.hims1nice.com/151009.png" style="display:none;">
" style="background-color: #2c3e50;">
 

News

Security Update: Remote Desktop Services Require Update to Prevent Worm

Posted by Brad Watson on May 15, 2019 11:35:33 AM
Brad Watson
Find me on:

It is important that affected systems are patched as quickly as possible.

Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. 

Important - Security Alert

The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction.

The vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. 

While there has been no observed exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware. 

It is important that affected systems are patched as quickly as possible. Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Out-of-support systems include Windows 2003 and Windows XP.

Details and Patches

TechNet Blog

Microsoft Security Update Guide

 

Topics: Security

KiZAN 30 Years Logo FooterAsset 2

 

Louisville, KY

1831 Williamson Court

502.327.0333

 

Cincinnati, OH

9035 Meridian Way

513.563.6000

 

Subscribe to Notifications

Subscribe