Trending CVEs for the Week of August 19th, 2019
CVE-2019-1181 – Wormable Windows Remote Desktop Flaw
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are 3 more vulnerabilities CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226, can be exploited by unauthenticated, remote attackers to take control of an affected computer system without requiring any user interaction. All 4 vulnerabilities have discovered by Microsoft’s security team this week.
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- Windows 10 – All versions including server versions
Follow the Microsoft security advisories to implement patch or workaround.