Windows RDS Vulnerability


Reliable Hardware – Trained Staff
You are here:  Service / Technical Blog
By    -   Sales and Marketing Manager

Microsoft has released a patch in May which will rectify over 70 vulnerabilities, which perhaps most importantly resolves an issue whereby malware can exploit systems and devices running Remote Desktop Services (RDS), which used to be known as Terminal Services. This is being treated as one of the biggest threats in recent years but has not made it to mainstream media so many people are unaware of the threat.

The vulnerability could provide easy access for an opportunist hacker to infiltrate a system undetected by the user. Requests are made through bespoke requests directed towards the servers RDS using the Remote Desktop Protocol, or RDP.

Interestingly, Microsoft has released patches for older systems such as XP and Server 2003, which are no longer updated or supported by Microsoft. The Patch also fixes the issues in newer Operating Systems such as Windows 7 and Server 2008, which still have relatively large user bases despite their end of life rapidly approaching in 2020.

The risk to business users globally is significant, particularly in the industrial sectors as RDS is used heavily for remote access purposes, allowing personnel to use a variety of control systems. This sector is also more likely to be running older operating systems that are no longer monitored or patched as frequently as newer Microsoft OS iterations.

This is not the first occasion such an exploit has been found. As recently as 2017, the WannaCry Ransomware targeted EternalBlue, the cyber-attack exploit used by the National Security Agency (NSA) in the US.

Those running Windows Server 2012 or above, and similarly Windows 8 or above need not worry as these newer operating systems are already protected from the exploit.

Since the initial release of the CVE a number of proof of concepts have now been developed by security researchers, which show how the vulnerability can be exploited and demonstrates the severity of the vulnerability – in particular with how many servers are out there that expose RDP publicly.

Please find the link to the patch below:

https://support.microsoft.com/en-gb/help/4500705/customer-guidance-for-cve-2019-0708

For more information on the above, or for advice if you are unsure if you are adequately protected against the exploit, then please contact us via telephone on (01622) 524200.

Got Something To Say:

Your email address will not be published. Required fields are marked *

*


Authors

Categories

Recent Posts

Review Us

Are you a VooServers customer? We would love to hear what you say!

Review us
Back to top
 Download our Company Newsletter
© VooServers Ltd 2016 - All Rights Reserved
Company No. 05598156