Microsoft is warning users once again of a couple of vulnerabilities that affect Remote Desktop Services. These are similar to the recent BlueKeep Remote Desktop Protocol vulnerability, which was privately reported to Microsoft earlier this year and subsequently fixed. Like BlueKeep, these two could spread between vulnerable computers without user interaction, which makes them “wormable”.
BlueKeep is a remote code execution vulnerability about which details were released earlier this summer. If it’s exploited, it could allow code to be spread without any interaction from the user. This is similar to how the infamous WannaCry made it around the world so quickly. There is a patch for BlueKeep. If you haven’t applied it, do so right now. Don’t wait. This issue affects Windows operating systems, specifically Windows XP (which is no longer supported), Windows 7, Windows 2003 (no longer supported), Windows Server 2008 R2, and Windows Server 2008.
The two critical vulnerabilities noted this time are CVE-2019-1181 and CVE-2019-1182. The affected versions of Windows include:
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- All supported versions of Windows 10, including server versions
Microsoft confirmed that Windows XP, Windows Server 2003, and Windows Server 2008 were not affected. However, if you have an unsupported version of any operating system, seriously consider updating to one that is supported. Microsoft no longer supports Windows XP, for example. So, as new vulnerabilities are discovered, there is no guarantee that patches will be created for them, and an unpatched system stays vulnerable forever.
More patches to note: Microsoft also released critical patches for bugs affecting server admins running Hyper-V, CVE-2019-0720 and CVE-2019-0965. If these are left unpatched, they may allow virtual guests to execute code on the host (what’s called a guest-to-host breakout, which undermines the virtualization separation).
Affected users should patch as quickly as possible and upgrade any unsupported products. In addition, it’s highly advised to enable automatic updates whenever that option is available. This will help to ensure that systems are protected by the very latest security updates and that those updates don’t get missed in the hustle and bustle of the day.
Another note: Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS (APSB19-41). These updates address vulnerabilities that could lead to arbitrary code execution. For Adobe updates, go to Adobe’s website, find the products and update from there. Be sure you’re typing in the correct website address. Adobe’s name is often used as a lure, and popups appear all the time claiming an update is needed when in fact it’s a scam, malware, or phishing.