In the last few days, Microsoft has released information about a critical vulnerability in the Windows operating system (CVE-2019-0708). This vulnerability allows remote code execution by an attacker directly from the network. Using the Remote Desktop Protocol (RDP) in remote desktop services. That affects older versions of Windows used by many users worldwide. This attack may affect many computers in every sector and industry including finance, healthcare, government, retail, industrial’s and others.
As this vulnerability is placed at the pre-authentication stage and does not require any user interaction. It would allow any arbitrary attacker on the internet to execute malicious code on a victim’s private system. And allow for a total takeover of a PC within any network. Such as Wi-Fi hotspots, public networks and private and corporate networks.
According to Microsoft, in order to exploit this vulnerability. An attacker would have to send a specially tailored request to the target systems’ Remote Desktop Service via RDP. Given the nature of the vulnerability. Once a host is infected. There is great risk of lateral movement to infect other connected hosts on the same network.
Put another way and to clarify the potential exploitation of this vulnerability. It could be used in a very similar manner as that of the 2017 WannaCry attack that caused catastrophic disruption. And sabotage to thousands of organisations across all industries worldwide.
Those using certain versions of Microsoft Windows 7 and Windows Server 2008 are at risk from this vulnerability. Customers running Windows 8 and Windows 10 are not affected by this vulnerability. This is due to these later versions incorporating more secure updates.
Those most at risk, among others, are those working with embedded devices. Such as ATM’s in the banking sector and IoT devices in the healthcare industry. Due to older versions of Windows known to be the systems behind these operations. As well as them being prized targets for cyber criminals. Since announcing this vulnerability. Security professionals in hospitals and banks have been working diligently to patch their systems.
Contact us for more information at 087 809 3516 or complete the form below.
Sourced from IT news