Patch Tuesday - August 2019

First off, the big news for today's Patch Tuesday: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities, reminiscent of the BlueKeep vulnerability (CVE-2019-0708) that was patched last May. CVE-2019-1181 and CVE-2019-1182 both affect all supported versions of Windows, and can be exploited without any authentication or user interaction. This means that they are "wormable" and could potentially lead to a widespread infection such as the WannaCry epidemic of 2017. Security agencies from nation states around the world have been urging people to patch systems against BlueKeep for months now in the hope of mitigating such an outbreak, and these new flaws bring the patching situation back to day 1. The only comparatively good news is that Windows XP, Windows Server 2003, and Windows Server 2008 are not affected this time, unlike with BlueKeep. Hopefully most administrators have already enabled Network Level Authentication (NLA) due to BlueKeep, but even with that mitigation in place, remote code execution (RCE) is possible if an attacker has valid credentials. The other two similar vulnerabilities are CVE-2019-1222 and CVE-2019-1226, which only affect Windows 10 and Server 2019, but are not mitigated by enabling NLA. Blocking direct access to RDS ( ..
