Microsoft Vulnerabilities Discovered

Polar SystemsPolar Systems Blog

Many of you may have seen the recent warning regarding some newly discovered vulnerabilities in various Microsoft Windows versions.  Links to learn more about the vulnerabilities are below:

Microsoft warns Windows 10 users to update immediately

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerability

CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability

These vulnerabilities specifically affect Windows 7 SP1, Windows Server 2008 SP1, Windows server 2012, Windows 8.2, Windows Server 2012 R2, and all supported versions of Windows 10 (It is important to note there are currently several older, unsupported versions of Windows 10 still in the field.  These will not receive any further security patches).  If you are concerned you might have older unsupported Windows 10 in your environment, you can check with your vCIO or our Network Operations team for a listing of any unsupported machines you might have.

It is important to note these vulnerabilities were discovered by Microsoft through their own security hardening process and there is no evidence the problem was known outside of Microsoft.  There is also no evidence the vulnerabilities have been exploited as yet.  

The most likely candidates for attack are machines which have Remote Desktop Protocol (RDP) directly exposed to the Internet.  Machines which are not directly accessible from the outside and secured behind a firewall are at much lower risk.  Due to many other vulnerabilities and exploits associated with the RDP protocol in recent years, it has been Polar Systems’ policy for to never expose Remote Desktop Protocol to the public Internet on the machines we deploy / manage.

Polar Systems’ is scheduled to deploy patches to the affected Windows machines we manage this week to remediate the problem. 

As always if you have questions or concerns about the machines in your environment, feel free to reach out to your vCIO, our Network Operations Team or to me directly for more information.

Kenny Franklin
Director of Operations