Trending CVEs for the Week of August 19th, 2019

CVE-2019-1181 – Wormable Windows Remote Desktop Flaw 

Description 

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are 3 more vulnerabilities CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226, can be exploited by unauthenticated, remote attackers to take control of an affected computer system without requiring any user interaction. All 4 vulnerabilities have discovered by Microsoft’s security team this week.

Affected Products

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10 – All  versions including server versions

Fixes

Follow the Microsoft security advisories to implement patch or workaround.

References

Microsoft Security Advisor