Serious Microsoft RDP Vulnerability

A serious vulnerability in the Remote Desktop Services software of Microsoft’s operating systems was recently announced by Microsoft. The seriousness of this flaw (which allows remote code execution without authentication by attackers) is such that Microsoft is releasing patches for systems all the way back to Windows XP and Server 2003 – two operating systems that have long been out of commercial support by Microsoft, though more recent operating systems (Windows 8 and Windows Server 2012 and later) are not affected. The risk is such that an attackers can craft attacks using malware that can swiftly propagate throughout an enterprise and beyond, for whatever purpose the attacker intended.

Commentary: It is events like this that highlight the shortcomings of most company’s patch and vulnerability management processes. Despite this being the latest in a long series of “Oh My God! we have to fix this now!” events, the number of companies which still remain vulnerable to similiar events from the past (such as Wannacry) is shocking.

Since the WhatsApp app has been patched for this vulnerability, now would be a good time to make sure that you are running the latest version on your phone.

Likely Threat(s): Nation-States, Criminals?
Likely Motive(s): All
Likely Means: Operating System Vulnerabilities
Opportunities: Asset Management, Patch Management

%d bloggers like this: