{"id":287,"date":"2019-08-17T19:38:45","date_gmt":"2019-08-17T14:08:45","guid":{"rendered":"https:\/\/www.hostnamaste.com\/blog\/?post_type=news&#038;p=287"},"modified":"2019-10-23T18:50:52","modified_gmt":"2019-10-23T13:20:52","slug":"microsoft-fixes-critical-windows-10-wormable-remote-desktop-flaws","status":"publish","type":"news","link":"https:\/\/www.hostnamaste.com\/blog\/news\/microsoft-fixes-critical-windows-10-wormable-remote-desktop-flaws\/","title":{"rendered":"Microsoft Fixes Critical Windows 10 Wormable Remote Desktop Flaws"},"content":{"rendered":"<figure id=\"attachment_288\" aria-describedby=\"caption-attachment-288\" style=\"width: 758px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-288\" src=\"https:\/\/www.hostnamaste.com\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Wormable-RDP-HostNamaste-1024x410.jpg\" alt=\"Microsoft Fixes Critical Windows 10 Wormable Remote Desktop Flaws - HostNamaste\" width=\"758\" height=\"303\" srcset=\"https:\/\/www.hostnamaste.com\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Wormable-RDP-HostNamaste-1024x410.jpg 1024w, https:\/\/www.hostnamaste.com\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Wormable-RDP-HostNamaste-300x120.jpg 300w, https:\/\/www.hostnamaste.com\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Wormable-RDP-HostNamaste-768x307.jpg 768w, https:\/\/www.hostnamaste.com\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Wormable-RDP-HostNamaste.jpg 1250w\" sizes=\"auto, (max-width: 758px) 100vw, 758px\" \/><figcaption id=\"caption-attachment-288\" class=\"wp-caption-text\"><span style=\"font-size: 12pt; font-family: Verdana, Geneva; color: #5dae26;\">Microsoft Fixes Critical Windows 10 Wormable Remote Desktop Flaws &#8211; HostNamaste<\/span><\/figcaption><\/figure>\n<p><span style=\"font-size: 12pt; font-family: Verdana, Geneva;\">Microsoft released patches for two new critical remote code execution (RCE) vulnerabilities found\u00a0in the Remote Desktop Services (RDS) and\u00a0affecting all in-support versions of Windows.<\/span><\/p>\n<p><span style=\"font-size: 12pt; font-family: Verdana, Geneva;\">Users are urged to <a href=\"https:\/\/www.hostnamaste.com\/clients\/announcements\/4\/Emergency-Security-Patching-on-Windows-Shared-Hosing-Servers.html\">patch<\/a> by the\u00a0Microsoft Security Response Center (MSRC) to patch the newly found Windows security flaws as soon as possible due to the elevated risks associated with wormable vulnerabilities.<\/span><\/p>\n<p><span style=\"font-size: 12pt; font-family: Verdana, Geneva;\">The two critical RCE flaws are tracked as\u00a0<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1181\" target=\"_blank\" rel=\"noopener\">CVE-2019-1181<\/a>\u00a0and\u00a0<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-1182\" target=\"_blank\" rel=\"noopener\">CVE-2019-1182<\/a>, and just like &#8220;the previously-fixed \u2018BlueKeep\u2019 vulnerability (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-0708\" target=\"_blank\" rel=\"noopener\">CVE-2019-0708)<\/a>, these two vulnerabilities are also \u2018wormable\u2019, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction,&#8221; adds\u00a0MSRC Director of Incident Response\u00a0Simon Pope. <\/span><\/p>\n<p><span style=\"font-size: 12pt; font-family: Verdana, Geneva;\">&#8220;The affected versions of <a href=\"https:\/\/www.yourlasthost.com\/blog\/virtual-servers-explained\/\" target=\"_blank\" rel=\"noopener\">Windows<\/a> are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions,&#8221; also adds Pope.<\/span><\/p>\n<div id=\"FIOnDemandWrapper_fiInstance_101900_0_162943461949964300\" class=\"FIOnDemandWrapper\">\n<div class=\"apd_static_banner \"><span style=\"font-size: 12pt; font-family: Verdana, Geneva;\">The Remote Desktop Protocol (RDP) is not impacted by the newly patched security flaws, and Windows XP, Windows Server 2003, and Windows Server 2008 are also not affected.\u00a0<\/span><a style=\"font-family: Verdana, Geneva; font-size: 12pt;\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-fixes-critical-windows-10-wormable-remote-desktop-flaws\/\" target=\"_blank\" rel=\"noopener\">READ MORE HERE<\/a><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft released patches for two new critical remote code execution (RCE) vulnerabilities found&nbsp;in the Remote Desktop Services (RDS) and&nbsp;affecting all in-support versions of Windows. Users&hellip;<\/p>\n","protected":false},"author":2,"featured_media":288,"comment_status":"open","ping_status":"closed","template":"","tags":[388,391,387,386,390,392,393,394,389],"news-category":[396,400,399,398,395,397],"class_list":["post-287","news","type-news","status-publish","has-post-thumbnail","hentry","tag-microsoft","tag-rce","tag-rdp","tag-remote-desktop-services-rds","tag-vulnerability","tag-windows-10","tag-windows-server-2008-r2-sp1","tag-windows-server-2012","tag-wormable","news-category-microsoft","news-category-rdp","news-category-remote-desktop-services-rds","news-category-vulnerability","news-category-wormable","news-category-wormable-remote-desktop-flaws"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news\/287","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news"}],"about":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/types\/news"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/comments?post=287"}],"version-history":[{"count":0,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news\/287\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/media\/288"}],"wp:attachment":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/media?parent=287"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/tags?post=287"},{"taxonomy":"news-category","embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news-category?post=287"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}