These bugs plague the company’s remote desktop services and permit malware to spread rapidly from one device to another.
Remote Desktop Services is an older technology that’s been an integral part of the Microsoft Windows environment for decades. It’s a good idea and a widely used technology that allows Windows users to remotely access another computer over a network. Unfortunately, flaws in the system allow malicious third parties to gain control over the system and spread malware via remote code execution.
The two most recently discovered bugs are being tracked as CVE-2019-1181 and CVE-2019-1182. They were discovered by Microsoft during one of the company’s routine security checks. Patches were released for both as part of the company’s August Patch Tuesday.
As the company explained in a recent blog post related to the issues:
“These two vulnerabilities are also ‘wormable,’ meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.”
The operating systems vulnerable to the newly discovered bugs are:
- Windows 7, Service Pack 1
- Windows Server 2008 R2, Service Pack 1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- Windows 10, including server versions
At present, Microsoft has no statistics about how many machines in the Windows ecosystem are vulnerable to the two new bugs. The company has detected no third-party manipulations of the vulnerabilities to this point, but they recommend immediately applying the relevant patches in order to mitigate risk.
Unfortunately, recent reports have revealed that many businesses have been slow to respond to the threat that BlueKeep vulnerabilities represent. If your company is among them, the time to act is now.