Microsoft has found and patched more critical flaws in Widows Remote Desktop services
New (or maybe not so new) vulnerabilities in Windows Remote Desktop Services have been identified and patched by Microsoft. These services are widely used in businesses and some of the vulnerabilities can be exploited without authentication to achieve execution of remote code.
These flaws were discovered by Microsoft during the hardening of the RDS system in Windows and to date the exploits they found have not been released…by Microsoft at any rate. Two of the flaws are workable according to Simon Pope director of incident response and if it makes its way onto a network malware can exploit them to propagate from PC to PC.
Affected systems include Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 and all supported versions of Windows 10. RDS is a system service and as such any exploit would give attackers privileges to read and delete data, create new accounts and install programs including ransomware.
Microsoft has also patched two other flaws that only affect Windows 10, Windows Server 2019 and Windows Server version 1803 and don’t require authentication to exploit as well as an unauthenticated denial-of-service flaw and two memory disclosure issues. That is a whopping seven RDS flaws that have been patched.
The reason Microsoft have done the investigations into RDS is the discovery of Bluekeep in May which had publicly released exploits this combined with the fact that most end points do not use network level authentication could result in scenarios where attackers can obtain legitimate credentials and bypass this protection, so deploying patches for these vulnerabilities as soon as possible is the best solution.
There has been a new RDP based attack using a similar method to the WannaCry attacks, using RDP ports on 3389 that are open to the internet, this attack deploys Crypto-Mining Payloads on devices running vulnerable versions of windows. It has been confirmed that a...
A report published by security company Webroot has shown a massive increase in infections on systems running Windows 7. The mid-year update of the Webroot Threat Platform shows that since 2018 Windows 7 exploits have risen by 71% and that the number of IP hosts have...
According the The Verge, Libra Association members is being actively pressured by Lawmakers in the US to rethink their participation with the group. CEO’s of Visa, MasterCard, Stripe have sent a letter warning of the risk the digital currency could face, among them...
Join Our Newsletter
Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque