cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor I

Critical Wormable RDP Vulnerability

The next Internet wormable vulnerability (CVE-2019-0708) resides in Remote Desktop Services – formerly known as Terminal Services – that could be exploited remotely by sending specially crafted requests over RDP protocol to a targeted system.The vulnerability could be exploited to spread wormable malware in a similar way as the WannaCry malware spread across the globe in 2017. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 

2 Replies
Contributor I

Re: Critical Wormable RDP Vulnerability

Yup,

 

MS has even written a patch for XP and 2003, so it seem like quite a serious vulnerability.

 

Quick workarounds to save people looking: 

 

Block port 3389 at the perimeter, stopping unsolicited RDP inbound traffic

 

Enable Network Level Authentication on all RDP connections (means attackers need to authenticate, mitigating the vulnerability).

 

Then get the latest patched installed (*** Subject to your normal patch testing procedure, of course ***)

Community Champion

Re: Critical Wormable RDP Vulnerability

Unfortunately, continuing to routinely patch critical security vulnerabilities (May 2014, May 2017, May 2019),  emboldens the argument that XP remains vendor supported in practice, in spite of vendor claims to the contrary.