Unlike BlueKeep, however, these vulnerabilities affect more recent Windows versions, including Windows 10
Microsoft issued fixes for four critical vulnerabilities in Remote Desktop Services (RDS) this week, likening two of them to ‘BlueKeep’, another critical flaw in the same Windows component.
All four Remote Code Execution (RCE) flaws – tracked as CVE‑2019‑1181, CVE‑2019‑1182, CVE‑2019‑1222 and CVE‑2019‑1226 – can be exploited by attackers sending a specially-crafted remote desktop protocol (RDP) message to RDS.
“An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” reads the advisory that is common to all four flaws.
What’s more, the first two holes are wormable and so bear a strong resemblance to BlueKeep, as well as to a flaw in an old version of Microsoft’s Server Message Block (SMB) implementation that enabled WannaCryptor, also known as WannaCry, in 2017.
As a result, exploits might use either of the new vulnerabilities to spread malware from one unpatched system to another without any user interaction. This is ultimately what prompted the Microsoft Security Response Center (MSRC) to issue a
Support the originator by clicking the read the rest link below.
