Running Windows? Be Sure You Patch!
Another week and another Microsoft critical vulnerability! Yea they fixed it and have a patch, but how many of you have applied it?
Except for their newest Windows OS releases (Windows 8 and Windows 10), this vulnerability appeared every Windows release including Windows Server 2003 and Windows XP.
For Microsoft, the threat was so severe that they even took the unprecedented step of releasing patches for operating systems they have not supported for years.
This flaw reported as a common vulnerability and exposure 2019-0708 and is found in the Remote Desktop Services which remotely manage Windows systems using the Remote Desktop Protocol on Corporate networks.
Why is this such a big deal?
Remote exploitation. Anytime there is a flaw that can be remotely exploited, requiring no user interaction and without requiring any authentication, you have a whopper of a problem.
This particular vulnerability is accessible if someone creates a request that calls the remote desktop protocol on a system with this vulnerability to execute malicious code giving the attacker full user rights with the ability to install programs, modify or delete user data and even to create new accounts.
My advice for every one — Patch, Patch, Patch!