A Reminder to Update Your Systems to Prevent a Worm

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is...

A Reminder to Update Your Systems to Prevent a Worm

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is...

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

One million devices are still vulnerable to BlueKeep, a critical Microsoft bug with “wormable” capabilities, almost two weeks after a patch was released. The flaw CVE-2019-0708 was fixed during Microsoft’s May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to...

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

Nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol RDP—two weeks after Microsoft releases the security patch. If exploited, the vulnerability cou...

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

Nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol RDP—two weeks after Microsoft releases the security patch. If exploited, the vulnerability cou...

Talos releases coverage for 'wormable' Microsoft vulnerability

Last night, Cisco Talos released the latest SNORT® rule update, which includes coverage for the critical Microsoft vulnerability CVE-2019-0708. The company disclosed this vulnerability last week as part of its monthly security update. This particular bug exists in Remote Desktop Services — former...

Understanding the Wormable RDP Vulnerability CVE-2019-0708

ARCHIVED STORY RDP Stands for "Really Do Patch!" - Understanding the Wormable RDP Vulnerability CVE-2019-0708 By Eoin Carroll · May 21, 2019 During Microsoft’s May Patch Tuesday cycle, a security advisory was released for a vulnerability in the Remote Desktop Protocol RDP. What was unique in this...

Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from...

Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from...

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry...

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

Watch Out! New Cryptocurrency-Mining Android Malware is Spreading Rapidly

Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, and Windows, with malware that leverages the CPU power of victims' devices to mine cryptocurrency. Just last month, Kaspersky researchers spotted fake antivirus and...

Windows Search Bug Worth Watching, and Squashing

Between Conficker and WannaCry, there was a nearly a decade when network worms went dark. WannaCry changed that, riding into enterprises globally on the coattails of a leaked nation-state exploit. In the months since the May 12 ransomware attack, vendors, researchers and network admins have been ...

A King’s Ransom It is Not

The first half of 2017 began with two intriguing ransomware events, both partly enabled by wormable exploit technology dumped by a group calling themselves "The ShadowBrokers". These WannaCry and ExPetr ransomware events are the biggest in the sense that they spread the quickest and most...

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know as WannaCrypt, which targeted a large number of...

Samba Patches Critical Bug Exploitable With One Line Of Code

A patch for a critical vulnerability impacting the free networking software Samba was issued Wednesday. The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just...

Wanna Cry Again? NSA’s Windows 'EsteemAudit' RDP Exploit Remains Unpatched

Brace yourselves for a possible 'second wave' of massive global cyber attack, as SMB Server Message Block was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers dump last month. Although Microsoft released patches for SMB flaws for supported...

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines. Samba is open-source software re-implementation of SMB networking protocol that runs on the majorit...