What’s going on?
On Tuesday May 14th, Microsoft released security updates to patch a Security Vulnerability they discovered that could lead to the spread of malware like the WannaCry ransomware attacks from 2017.
This newly discovered vulnerability is present in Windows XP, Windows 7, Server 2008, Server 2008 R2, and Server 2003. Although Windows XP and Server 2003 are no longer supported by Microsoft, they have released security updates for those Operating Systems, as well.
You can read more about the WannaCry attacks here.
What is the vulnerability?
CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability
The long answer: The “Remote Desktop Services” feature that comes with the afore mentioned Windows Operating Systems had a remote code execution vulnerability. When an unauthenticated attacker sends specially crafted requests to a target computer via RDP, they could execute arbitrary code on that target computer. This could potentially allow a malicious actor to gain full administrative control of a computer that has not been updated to patch this exploit.
The vulnerability is pre-authentication, requiring no user interaction to take advantage of. This makes the vulnerability “wormable” and allows for malware that takes advantage of the vulnerability to spread to any other vulnerable systems.
The short answer: Computers running Windows 7 or older, or Server 2008 or older, could be susceptible to malware via the Remote Desktop Services feature if they are not appropriately updated.
What should I do?
Tech Impact works to apply all the latest patches to the workstations we manage, but you should ensure you have all the latest updates for Windows. If you have any reason to believe your systems may not be fully up-to-date, please reach out to your organization’s Account Manager for assistance in determining which systems, if any, are missing needed updates.
The specific patch for supported systems (Windows 7, Server 2008, Server 2008 R2) that will rectify the vulnerability discussed here can be found here.
The specific patch for unsupported systems (Windows XP, Server 2003) that will rectify the vulnerability discussed here can be found here.
Upgrade to Windows 10 Pro
If you have systems that are running Windows 7, they should be upgraded to Windows 10 Pro ASAP. Microsoft will be ending support for Windows 7 on January 14th, 2020. Which means they will no longer create new patches or security fixes for Windows 7 after that date. Windows 10 Pro is also a more secure system that will better protect your nonprofit. Please contact your Account Manager to implement this upgrade. If you don't have an Account Manager and would like to speak with someone about a Windows 10 upgrade, you can request a free consult.