- Joined
- May 6, 2019
- Messages
- 11,214
- Points
- 83
Microsoft is taking “the unusual step” of releasing security fixes for both current and out-of-support versions of Windows due to a “wormable” vulnerability that could lead to WannaCry-like malware attacks. CVE-2019-0708, otherwise known as the Remote Desktop Services Remote Code Execution Vulnerability, is so bad that even Windows 2003 and XP are getting patched.
This is a flaw that exists in Remote Desktop Services. It allows attackers to exploit RDP, letting them “install programs; view, change, or delete data; or create new accounts with full user rights.” The fact it’s pre-authentication and requires no user interaction is why it’s described as “wormable.”
Windows 8 and 10 users are not affected by this vulnerability, but fixes for Windows 7, Server 2008 R2, Server 2008, 2003, and XP are available immediately.
…any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.
This is a flaw that exists in Remote Desktop Services. It allows attackers to exploit RDP, letting them “install programs; view, change, or delete data; or create new accounts with full user rights.” The fact it’s pre-authentication and requires no user interaction is why it’s described as “wormable.”
Windows 8 and 10 users are not affected by this vulnerability, but fixes for Windows 7, Server 2008 R2, Server 2008, 2003, and XP are available immediately.
…any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.