Good News for organized crime, and other criminal, system attackers: Microsoft Corporation (NASDAQ: MSFT) has coughed up another furball of coding incompetence (aka CVE-2019-0708): Microsoft's Security Response Center's Director of Incident Response - Simon Pope, has announced a newly discovered 'wormable' exploit (a pre-user-authentication) attack, that is). More good work from the company helmed by Satya 'The Miracle Worker' Nadella (who, in reality is a superb leader of the Leviathan of Redmond (so ignore my gentle snark - if you are a fan). Today's Must Read.
"Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware." - via Microsoft Corporation's MSRC Director of Incident Response - Simon Pope