Microsoft’s security team have identified and patched another duo of critical wormable vulnerabilities in its Remote Desktop Protocol (RDP). The security flaws could allow malware to propagate from system-to-system without user interaction.
The patches come hot on the heels of the high-profile Bluekeep vulnerability, disclosed by the UK’s National Cyber Security Centre to Microsoft in May. Microsoft warned in the wake of that disclosure that it was “highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware”.
National security agencies urged rapid patching in the wake of that disclosure, fearing an outbreak of another malware like WannaCry, as cybersecurity firms raced to publish expurgated proof-of-concepts of the exploit.
See also: Microsoft Credits NCSC for Critical Bug Find, Pushes Out Unusual Patch
The vulnerabilities disclosed today, CVE-2019-1181/1182, both involve Remote Desktop Protocol (RDP) and would allow an unauthenticated attacker connecting to the target system using RDP to execute arbitrary code on the target system, install programmes, change or delete data, and create new accounts with full user rights.
The vulnerabilities were found by Microsoft as it worked on hardening RDP, which has been found to be riddled with vulnerabilities.
The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.
Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC), said: “It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these, and downloads for these can be found in the Microsoft Security Update Guide.”
Content from our partners
RDP Vulnerability Disclosure: Comes Amid Flurry of Patch Tuesday Fixes
Chris Goettl, Director of Security Solutions at Ivanti, said that broadly the patches were less substantial than last month’s: “August Patch Tuesday was a pleasant relief after the massive release of updates in July. But don’t sit in your lawn chair and open that cold beverage just yet; you still have some things to do!
“Microsoft resolved a total of 93 unique CVEs this month, but surprisingly there are NO zero-days OR publicly disclosed vulnerabilities! It has been a long time since I remember that happening. One vulnerability of interest is (CVE-2019-9506) titled Encryption Key Negotiation of Bluetooth Vulnerability.
“CERT/CC has issued CVE-2019-9506 and VU#918987 for this tampering vulnerability, which has a CVSS score of 9.3. It requires specialised hardware to exploit but can allow wireless access and disruption within Bluetooth range of the device being attacked. Microsoft provided an update to address the issue, but the new functionality is disabled by default. You must enable the functionality by setting a flag in the registry.”
See also: Remote Desktop Protocols Riddled With Vulns: Check Point Finds 16 Modes of Pwnage
Critical vulnerabilities disclosed this Thursday include:
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197
Remote Code Execution
Hyper-V Remote Code Execution Vulnerability
CVE-2019-0720
Remote Code Execution
LNK Remote Code Execution Vulnerability
CVE-2019-1188
Remote Code Execution
Microsoft Graphics Remote Code Execution Vulnerability
CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152
Remote Code Execution
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2019-1204
Elevation of Privilege
Microsoft Outlook Memory Corruption Vulnerability
CVE-2019-1199
Remote Code Execution
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2019-1200
Remote Code Execution
Microsoft Word Remote Code Execution Vulnerability
CVE-2019-1201, CVE-2019-1205
Remote Code Execution
Remote Desktop Services Remote Code Execution Vulnerability
CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, CVE-2019-1226
Remote Code Execution
Scripting Engine Memory Corruption Vulnerability
CVE-2019-1133, CVE-2019-1194
Remote Code Execution
Windows DHCP Client Remote Code Execution Vulnerability
CVE-2019-0736
Remote Code Execution
Windows DHCP Server Remote Code Execution Vulnerability
CVE-2019-1213
Remote Code Execution
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2019-0965
Remote Code Execution
Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2019-1183
Remote Code Execution
Microsoft Live Accounts Elevation of Privilege Vulnerability
ADV190014
Elevation of Privilege
