djMot Posted May 15, 2019 Member ID: 3189 Group: *** Clan Members Followers: 93 Topic Count: 355 Topics Per Day: 0.08 Content Count: 5230 Content Per Day: 1.18 Reputation: 11104 Achievement Points: 48729 Solved Content: 0 Days Won: 112 Joined: 02/11/12 Status: Offline Last Seen: 2 hours ago Birthday: 12/24/1957 Device: Windows Share Posted May 15, 2019 About the Event: On May 14, 2019 Microsoft released security updates for a number of systems, including many which are typically unsupported. CVE-2019-0708 addresses a remote code execution vulnerability in Remote Desktop services. The vulnerability does not require user interaction and would allow attacks to spread from infected computer to computer similar to how the WannaCry ransomware attacks worked in 2017. A successful attack could allow programs to be installed, data to be viewed, changed or deleted or new accounts with full rights created. Security patches for the unsupported systems were released separately. Actions to Consider: The following versions are affected: Windows 7 for 32-bit Systems Windows 7 for x64-based Systems Windows Server 2008 for 32-bit Systems Windows Server 2008 for Itanium-Based Systems Windows Server 2008 for x64-based Systems Windows Server 2008 R2 for Itanium-Based Systems Windows Server 2008 R2 for x64-based Systems Windows XP SP3 x86 Windows XP Professional x64 Edition SP2 Windows XP Embedded SP3 x86 Windows Server 2003 SP2 x86 Windows Server 2003 x64 Edition SP2 If you are running any of the above versions, Microsoft and Cybersecurity recommend updating immediately. Event Impact: Microsoft has not reported and Cybersecurity is not currently aware of any exploits in the wild at this time. Microsoft determined the risk of this threat to be great enough, however, to patch typically unsupported services as exploitation of the vulnerability could be severe. CVE-2019-0708 does not affect Microsoft’s most recent operating systems including Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. References: https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/ https://support.microsoft.com/en-ae/help/4500705/customer-guidance-for-cve-2019-0708 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 https://krebsonsecurity.com/tag/cve-2019-0708/ Office of Cybersecurity University of Wisconsin-Madison Hunter1948, deerejon, Barron and 1 other 4 Link to comment Share on other sites More sharing options... Awards
Barron Posted May 16, 2019 Member ID: 20987 Group: +++ Insurgency Head Admin Followers: 21 Topic Count: 190 Topics Per Day: 0.05 Content Count: 1794 Content Per Day: 0.49 Reputation: 1774 Achievement Points: 14303 Solved Content: 0 Days Won: 0 Joined: 03/21/14 Status: Offline Last Seen: Wednesday at 02:57 AM Birthday: 01/09/1996 Device: Windows Share Posted May 16, 2019 Cheers got mine updated yesterday! They even did a security update for XP due to it , which is no longer supported which says alot about the update djMot 1 Link to comment Share on other sites More sharing options... Awards
Recommended Posts