Wormable Bugs in Windows Need Your Immediate Attention
Exploits could spread from PC to PC without any user interaction needed.
Microsoft is warning about four new Windows vulnerabilities in Remote Desktop Services (RDS), previously known as Terminal Services. These vulnerabilities can allow a user to take control of a PC over a network connection, because an unauthenticated attacker can send a specially crafted request to the service. Once the attacker gains access, they can execute arbitrary code on the exploited system, allowing them to install programs, manipulate data and even create accounts with full user rights.
These vulnerabilities affect most running versions of Windows, including desktop versions 7, 8 and 10 along with server versions 2008, 2012, 2016 and 2019. This means that most computers in operation today are at risk. Many healthcare organizations use Remote Desktop Services (RDS) to help protect access to Protected Health Information (PHI). Protecting this PHI makes it especially critical that these systems are updated immediately.
Microsoft rates the severity of these vulnerabilities as Critical, a 9.7 or higher out of 10. It also says that there is a high risk of these vulnerabilities being exploited. This risk is increased if Network Level Authentication is turned off, which is common in many enterprises.
If you have automated updates enabled you should have received these updates on 8/13/2019, which was this month's “Patch Tuesday”. You should ensure that you have received these updates and that they have been applied.
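One way to check a single host for the two conditions described above, Network Level Authentication and update status, is shown here as an added example that is not from the original post or from Microsoft. It assumes an elevated PowerShell 3.0+ session on the machine being checked; `$RequiredKBs` is a placeholder to be filled in with the KB IDs from Microsoft's advisories for that Windows version, since the post does not list them.

```powershell
# Added example: local audit of RDP exposure, NLA enforcement and update recency.
$PatchTuesday = [datetime]'2019-08-13'   # date given in the post
$RequiredKBs  = @()                      # placeholder: KB IDs from Microsoft's advisories

$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$tsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey    = "$tsKey\WinStations\RDP-Tcp"

# Group Policy values override the local setting, so read the policy key first.
function Get-EffectiveValue {
    param([string]$Name, [string]$LocalKey)
    foreach ($key in @($policyKey, $LocalKey)) {
        $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { return $item.$Name }
    }
    return $null
}

# fDenyTSConnections = 0 means Remote Desktop connections are accepted.
$rdpEnabled  = (Get-EffectiveValue -Name 'fDenyTSConnections' -LocalKey $tsKey) -eq 0
# UserAuthentication = 1 means Network Level Authentication is required.
$nlaRequired = (Get-EffectiveValue -Name 'UserAuthentication' -LocalKey $rdpKey) -eq 1

# InstalledOn can be empty on some systems, so drop those rows before sorting.
$hotfixes = @(Get-HotFix | Where-Object { $_.InstalledOn })
$latest   = $hotfixes | Sort-Object InstalledOn -Descending | Select-Object -First 1
$missing  = @($RequiredKBs | Where-Object { $_ -notin $hotfixes.HotFixID })

[pscustomobject]@{
    ComputerName      = $env:COMPUTERNAME
    RdpEnabled        = $rdpEnabled
    NlaRequired       = $nlaRequired
    LatestHotFix      = $latest.HotFixID
    LatestInstalledOn = $latest.InstalledOn
    # An update on or after Patch Tuesday is an indicator only; MissingKBs is the real check.
    UpdatedSincePatchTuesday = [bool]($latest -and $latest.InstalledOn -ge $PatchTuesday)
    MissingKBs        = $missing -join ', '
    # Highest priority: RDP reachable, NLA off, and no update since Patch Tuesday.
    NeedsAttention    = $rdpEnabled -and (-not $nlaRequired -or
                        -not ($latest -and $latest.InstalledOn -ge $PatchTuesday))
}
```

Requiring NLA reduces exposure but does not replace the updates, so a host that reports `NlaRequired = True` still needs an empty `MissingKBs` once the KB list is filled in.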
Microsoft created this blog post to explain the importance of patching these vulnerabilities quickly. The following are links to details of the specific vulnerabilities.