Microsoft is warning that an exploit with the magnitude of the WannaCry attack that crippled computers worldwide two years ago could be imminent if people fail to patch a high-severity vulnerability.
Microsoft is urging its customers to patch a critical remote code execution vulnerability in Remote Desktop Services immediately. This vulnerability, CVE-2019-0708, affects Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows 2003, and Windows XP.
- What does this vulnerability entail?
Microsoft disclosed and released patches to address a critical vulnerability in Remote Desktop Services (RDP) in its May 2019 security updates. The vulnerability can be exploited by an unauthenticated remote attacker attempting to connect to a vulnerable system using RDP and sending specially crafted requests. If an attack is successfully able to exploit this vulnerability, they could execute code on the system.
- Why is it so important?
The flaw, CVE-2019-0708, does not require authentication or user interaction, giving it the potential to be leveraged in malware to self-propagate to other vulnerable systems. These capabilities allow the vulnerability to be “wormable” in that any malware that leverages this vulnerability could potentially spread to other vulnerable systems, such as the WannaCry ransomware did with MS17-010 and the EternalBlue exploit in 2017. Microsoft warns that the likelihood of threat actors creating an exploit and incorporating it into their malware is very high.
- What should I do?
The company released patches for Windows 7 and Windows Server 2008/R2 as well as older, traditionally unsupported, versions of Windows XP and Windows 2003. Windows 8 and 10 are not affected by this vulnerability. It is recommended to apply these updates immediately to protect your systems from attacks targeting CVE-2019-0708. These patches can be found here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Concerned your organization isn't prepared to handle cyber attacks? Reach out to a CyberMaxx team member today for a complimentary consultation: firstname.lastname@example.org