14.08.2019 - Recommended, TECHNICAL

Notification: More RDS vulnerabilities

RDP is vulnerable again, as Microsoft just patched multiple new vulnerabilities in the RDS component on most Windows operating systems, both servers, and clients. These new vulnerabilities are described as even more likely to be exposed by attackers than the previous BlueKeep vulnerability.

Microsoft urges end-users to patch both servers and clients immediately. For systems where RDS and RDP are enabled, it’s also highly recommended to enable NLA (Network Layer Authentication) for security reasons.

 

Affected systems this time around are:

· Clients: 7, 8.1 and 10 (all supported versions)

· Servers: 2008 R2, 2012 R2, 2016, 2019

Consequences and mitigation for these new vulnerabilities are similar to the previous vulnerability BlueKeep, which we wrote about not too long ago. We recommend you take a look at that article here >

 

Sources:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226

https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-windows-10-wormable-remote-desktop-flaws/

 

Stay safe! 

 

Don't miss a single update

Subscribe to our newsletter