Credit to Author: Sameer Patil| Date: Fri, 08 Nov 2019 09:54:04 +0000
CVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user’s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…
Read moreCredit to Author: Eric Avena| Date: Thu, 07 Nov 2019 21:05:30 +0000
The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security.
Read moreCredit to Author: Eric Avena| Date: Thu, 07 Nov 2019 21:05:30 +0000
The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
The post The new CVE-2019-0708 RDP exploit attacks, explained appeared first on Microsoft Security.
Read more
Credit to Author: BrianKrebs| Date: Tue, 14 May 2019 17:11:34 +0000
Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The vulnerability (CVE-2019-0709) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates.
Read more