Remote Desktop Services get patched for wormable vulnerabilities

2 minute read
Remote Desktop Services get patched for wormable vulnerabilities

Home » News » Remote Desktop Services get patched for wormable vulnerabilities

Today Microsoft publicly released some fixes  for the Desktop Services.

These include two critical fixes that are aimed towards Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. 

About CVE-2019-1181/1182

Just like the CVE-2019-0708 vulnerability, these two fall in the “wormable” category. This allows malware that knows how to take advantage of these vulnerabilities to propagate itself without any user interaction at all.

Here’s a list of all affected versions of Windows:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • All supported versions of Windows 10, including server versions.

It should be noted that Windows XP, Windows Server 2003, and Windows Server 2008 are not affected, nor is the Remote Desktop Protocol itself.

Patching CVE-2019-1181/1182

CVE-2019-1181 and CVE-2019-1182 were discovered by Microsoft during a routine attempt at hardening the Remote Desktop Services.

More so, the tech giant states that there is no evidence that any third party may have known of this vulnerability. Additionally, they recommend that all systems that are vulnerable should update as soon as possible.

For those of you that don’t have automatic updates enabled, updates can be found in the Microsoft Security Update Guide.

Those of you that do have automatic updates enabled will have their systems updated immediately.

It should be known that systems that have Network Level Authentication (NLA) have partial protection against such threats.

The vulnerable systems that would otherwise be affected by wormable or advanced malware are protected thanks to the Network Level Authentication.

This is because those threats cannot exploit the vulnerability, as the Network Level Authentication requires user approval before the vulnerability can be activated.

Keep note that users are still vulnerable to Remote Code Execution (RCE) exploitation.

That’s because any attacker that has access to the valid credentials can eventually bypass the Network Level Authentication’s protection.

Discussions

Next up

Browser not showing images? Here’s how you fix this

Alexandru Voiculescu By: Alexandru Voiculescu
2 minute read

Browsers are essential tools for surfing the Internet. Also, the interface of any browser is crucial for providing a user-friendly experience. However, this feature is […]

Continue Reading

Fix Power Bi column errors with these quick solutions

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

While using the Power Bi desktop app you may face some issues with your data and file. One such error is related to Power Bi […]

Continue Reading

FIX: Try opening this file in another app error in Windows 10

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

The built-in Windows Photos app allows you to edit photos as well as play videos of multiple formats apart from viewing images. Sometime, the app […]

Continue Reading