The next worm for older Microsoft OS's?

home | blog | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts


- Careful Chrome users, this search box might be "Not secure"



Might want to patch your older systems (2008 and down):
- Even 2003 and XP if you still run them:
https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/
As usual - short description here for when that page goes away:
Short bit from the page above on 5/14/2019:

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – 
formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable.
This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future
malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way
as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability,
it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.



[æ]