https://www.infosecnews.org/nsa-cybersecurity-advisory-patch-remote-desktop-services-on-legacy-versions-of-windows/
FORT MEADE, Md., June 4, 2019 --
The National Security Agency is urging Microsoft Windows administrators and
users to ensure they are using a patched and updated system in the face of
growing threats. Recent warnings by Microsoft stressed the importance of
installing patches to address a protocol vulnerability in older versions of
Windows. Microsoft has warned that this flaw is potentially “wormable,” meaning
it could spread without user interaction across the internet. We have seen
devastating computer worms inflict damage on unpatched systems with
wide-ranging impact, and are seeking to motivate increased protections against
this flaw.
CVE-2019-0708, dubbed "BlueKeep," is a vulnerability in the Remote Desktop
(RDP) protocol. It is present in Windows 7, Windows XP, Server 2003 and 2008,
and although Microsoft has issued a patch, potentially millions of machines are
still vulnerable.
This is the type of vulnerability that malicious cyber actors frequently
exploit through the use of software code that specifically targets the
vulnerability. For example, the vulnerability could be exploited to conduct
denial of service attacks. It is likely only a matter of time before remote
exploitation code is widely available for this vulnerability. NSA is concerned
that malicious cyber actors will use the vulnerability in ransomware and
exploit kits containing other known exploits, increasing capabilities against
other unpatched systems.
NSA urges everyone to invest the time and resources to know your network and
run supported operating systems with the latest patches. Please refer to our
advisory for additional information. This is critical not just for NSA’s
protection of National Security Systems but for all networks. In order to
increase resilience against this threat while large networks patch and upgrade,
there are additional measures that can be taken:
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
