Older Windows Systems Beware of CVE-2019-0708

Are you running an older version of Windows and not current with your patch management? If so, you need to be aware of a recent exploitable vulnerability that just hit the news this week. Here’s what you need to know…

Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction.

Simon Pope, director of incident response for the Microsoft Security Response Center wrote, ” In other words, the vulnerability is ‘wormable’ – meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer.”  He also stated, “While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware,”

Because of the severity of the vulnerability Microsoft is providing a patch for out of support systems, such as Windows XP and Windows 2003.

Customers running Windows 8 and Windows 10 are not affected by this vulnerability.

Vulnerable systems include:

• Windows XP
• Windows 2003
• Windows 7
• Windows 2008 R2 and Windows 2008

If you’re still unsure that you’re protected, OneNeck’s security experts are here to help.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
• https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/
• https://blog.talosintelligence.com/2019/05/MS-Patch-Tuesday-May-2019.html