The Microsoft Security Response Center (MSRC) reported this week on serious vulnerabilities in Remote Desktop Services. Here’s a quote from MSRC:
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
These vulnerabilities affect all Windows operating systems still in use except for Windows XP, Windows Server 2003 and Windows Server 2008. The MSRC recommends that users update immediately to remediate. Updates can be downloaded and applied from the MSRC pages for CVE-2019-1181 and CVE-2019-1182.
Note that if automatic Windows updates are enabled, you have already received these critical updates. If you have disabled or paused automatic updates, install the updates manually as soon as possible.
Here’s what Simon Pope said on the official MSRC blog:
It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these, and downloads for these can be found in the Microsoft Security Update Guide. Customers who have automatic updates enabled are automatically protected by these fixes. By default, Windows 10 Home and Windows 10 Pro users will be updated automatically.
If Remote Desktop is disabled on your devices, you are safe. If you are considering whether to enable RDP, I sincerely recommend installing these updates first, and only then enabling RDP.
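One way to check a machine against the advice above before turning RDP on, as an added example that is not from the original article or from Microsoft. The KB list is a placeholder you must fill in from the MSRC pages for CVE-2019-1181 and CVE-2019-1182 for your Windows build.

```powershell
# Added example: report whether RDP is enabled and whether the required updates are present.
# ASSUMPTION: $RequiredKBs is a placeholder list. Replace it with the KB numbers that the
# MSRC pages for CVE-2019-1181 and CVE-2019-1182 list for this Windows build.
$RequiredKBs = @('KB0000000')   # placeholder, not a real KB number

$localKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# fDenyTSConnections: 1 = Remote Desktop connections refused, 0 = allowed.
$local  = (Get-ItemProperty -Path $localKey -Name fDenyTSConnections).fDenyTSConnections
$policy = (Get-ItemProperty -Path $policyKey -Name fDenyTSConnections `
              -ErrorAction SilentlyContinue).fDenyTSConnections

# A Group Policy value, when set, overrides the local setting.
$effectiveDeny = if ($null -ne $policy) { $policy } else { $local }
$rdpEnabled    = ($effectiveDeny -eq 0)

# Updates that Get-HotFix reports as installed, compared with the required list.
$installed = @((Get-HotFix).HotFixID)
$missing   = @($RequiredKBs | Where-Object { $_ -notin $installed })

[pscustomobject]@{
    Computer   = $env:COMPUTERNAME
    RdpEnabled = $rdpEnabled
    SetBy      = if ($null -ne $policy) { 'Group Policy' } else { 'Local setting' }
    MissingKBs = $missing -join ', '
}

# A later cumulative update supersedes these KBs, so a "missing" result is a prompt
# to check the installed OS build, not proof that the machine is unpatched.
if ($rdpEnabled -and $missing.Count -gt 0) {
    Write-Warning 'RDP is enabled and listed updates were not found: update now.'
} elseif ($missing.Count -gt 0) {
    Write-Warning 'RDP is disabled. Install the listed updates before enabling it.'
} else {
    Write-Output 'All listed updates were found.'
}
```

Run it in an elevated PowerShell session on the machine being checked.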
Author: Kari Finn
A former Windows Insider MVP, Kari started in computing in the mid-80s writing code for VAX / VMS systems. Since then, he’s worked in a variety of IT positions. He specializes in Windows image capture, customization, repair and deployment as well as Hyper-V virtualization. Kari is a proud Team Member at the #1 Windows site TenForums.com.