A potentially wormable, critical remote code execution vulnerability exists in Microsoft's Remote Desktop Services, documented as CVE-2019-0708. Microsoft has provided a patch to mitigate it; notably, because of the severity of the vulnerability, it has also provided a patch for older, unsupported operating system versions.
The vulnerability could potentially allow an unauthenticated attacker to execute arbitrary code on the target system with full administrative rights.
Because this vulnerability could allow wormable execution with no user interaction, the E-ISAC recommends researching the CVE and ensuring that any vulnerable systems in member environments are patched expeditiously.
- E-ISAC AOO Members
- E-ISAC Staff
- Watch Floor
- E-ISAC Staff, 05/15/2019