New Vulnerabilities in Remote Desktop Service (RDS) Affecting Most Current Windows Versions

Release Date: 15 Aug 2019 5522 Views

Microsoft has just released patches in its August Monthly Security Update for 2 newly discovered vulnerabilities in Remote Desktop Services (RDS). Similar to the “BlueKeep” vulnerability, the new vulnerabilities can be exploited to engineer a worm-like outbreak in the Internet, poising a serious threat to cyber security. HKCERT urges the public once again to pay attention to the vulnerabilities occurring within RDS, and to install the up-to-date patches immediately to mitigate the risk.

 

The two new vulnerabilities affect Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, as well as all supported versions of Windows 10, including server versions. For workstations having Windows 7 SP1 or Windows Server 2008 R2 SP1 installed, the vulnerabilities only affect if either RDP 8.0 or RDP 8.1 is installed.

 

As Microsoft has already released security patches to address the vulnerabilities, HKCERT recommends all users to apply up-to-date security patches from official software provider to avoid unnecessary risks. Users may also refer to the security blog on “BlueKeep” vulnerability (/my_url/en/blog/19052301) for other remedial actions.

 

Reference Link:

/my_url/en/alert/19081401

 

Share with

Previous

New Trends in Ransom Email Attacks

6 Jun 2019 8006 Views

Next

Critical Pulse Secure VPN Vulnerability (CVE-2019-11510) Alert

6 Sep 2019 6774 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY