Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎05-15-2019 10:49 AM
‎05-15-2019 10:49 AM

Critical Wormable RDP Vulnerability

The next Internet wormable vulnerability (CVE-2019-0708) resides in Remote Desktop Services – formerly known as Terminal Services – that could be exploited remotely by sending specially crafted requests over RDP protocol to a targeted system.The vulnerability could be exploited to spread wormable malware in a similar way as the WannaCry malware spread across the globe in 2017. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 

Reply
0 Kudos
2 Replies
HTCPCP-TEA
Contributor I
‎05-16-2019 05:36 AM
‎05-16-2019 05:36 AM

Yup,

 

MS has even written a patch for XP and 2003, so it seem like quite a serious vulnerability.

 

Quick workarounds to save people looking: 

 

Block port 3389 at the perimeter, stopping unsolicited RDP inbound traffic

 

Enable Network Level Authentication on all RDP connections (means attackers need to authenticate, mitigating the vulnerability).

 

Then get the latest patched installed (*** Subject to your normal patch testing procedure, of course ***)

Reply
0 Kudos
denbesten
Community Champion
‎05-16-2019 11:43 AM
‎05-16-2019 11:43 AM

Unfortunately, continuing to routinely patch critical security vulnerabilities (May 2014, May 2017, May 2019),  emboldens the argument that XP remains vendor supported in practice, in spite of vendor claims to the contrary.

 

Reply
0 Kudos