Talk to an expert
BLOG

Microsoft Releases Notice of More RDP Vulnerabilities

By Lumifi Cyber  |  February 11, 2020

Two more security issues announced surrounding Remote Code Execution against Remote Desktop Services (RDP).

Microsoft released a notice today concerning two vulnerabilities, which would result in a Remote Code Execution vulnerability against the RDP.  These are being tracked under CVE-2019-1181 and CVE-2019-1182. This is akin the previous vulnerability that we notified you on, CVE-2019-0708, aka Bluekeep.

This vulnerability targets the more recent versions of Windows:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10, including server versions

Like the previous mentioned vulnerability, these attacks would be ‘wormable’, similar to how the ‘WannaMine’ and other malware variants used the Eternal family of exploits to wreak havoc and still continue to be used laterally in networks.
While currently there is no active exploits against these vulnerabilities and Microsoft has not seen these exploits being utilized in the wild, Lumifi recommends patching systems as soon as possible.  The immediate focus should be systems that have RDP exposed to the internet.  Customers who have automatic updates enabled should be protected by these patches already.

Lumifi's Content team will continue to monitor these exploits and create alerts surrounding any possible exploitation of these vulnerabilities.

You can find a reference for patching from Microsoft at the following link:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182

CVE References:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182

By Lumifi Cyber
Microsoft Releases Notice of More RDP Vulnerabilities

Topics Covered

Share This

Subscribe for Exclusive Updates

Stay informed with the most recent updates, threat briefs, and useful tools & resources. You have the option to unsubscribe at any time.

Related Articles

🚨 New Webinar Alert! 🚨

Q2: SOC Quarterly Threat Briefing

🗓️ Date: July 24th, 2024
🕒 Time: 11 AM (PT)

Secure Your Spot!
Privacy PolicyTerms & ConditionsSitemapSafeHotline
magnifiercrossmenuchevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram