5/15/2019

Urgent Remote Code Execution Vulnerability in RDS protocol. Vulnerability Score - HIGH

Security Vulnerability - Security Advisory

Yesterday – 05/14/2019 Microsoft announced a new “worm-able” vulnerability in Remote Desktop Service protocol.

If your RDS/RDP/Microsoft remote desktop is not patched or covered by VPN/Firewalls – a remote exploitation with execution and infection from “outside” your security perimeter is possible.

This means that an “outside” bad actor can access and infect your desktops/servers then use them to attack other computers.

Affected systems: any 2008R2 and earlier, WinXP, win7, Win Server 2003 are all affected.

A Microsoft patch is available.

For more information refer to this article…

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?fbclid=IwAR3O9xYgkh8FmgW8pHMYCT1zbZ_xg3R4dvsd5HlTIIcwbYNUsxlYRqWymOY

Digital Edge Cyber Security Team will be patching fully managed clients.
If anyone needs our immediate assistance please contact our support team.

Digital Edge

(800)-714-5143

https://www.digitaledge.net/support/

Slava Rykhva

Security Engineer

Slava has more than 20 years of experience in Information Technology, in roles of cyber security expert, enterprise solutions architect, and digital transformation advisor, with projects spanning across multiple industries, mainly with insurance and financial organizations. He has a CISSP certification, the highest level for cyber security. Slava has unique insight into all levels of operations of modern financial institution, blending business operations with IT systems to deliver best in class solutions following strict compliance requirements such as PCI DSS, ISO 27000 and local regulations in various geographies.