Critical vulnerability in Microsoft remote desktop services; update now

Microsoft has just announced the launch of a set of update patches to correct a critical vulnerability in Remote Desktop services. If exploited, the flaw could quickly spread over the Internet; according to information security services, the vulnerability affects previous versions of Windows, including those that are no longer supported by the company.

The vulnerability is considered critical as it requires no user interaction or prior authentication. Although this flaw has not been exploited in the wild, any variant of malware that can exploit it in the future could spread rapidly through compromised networks in a similar way to the outbreak of WannaCry ransomware in 2017.

Given the impact on users of potentially affected systems, Microsoft decided to launch updates also for Windows versions that are no longer supported; updates will be available only through the Microsoft Update catalog, report information security services specialists.

In the security report, Microsoft reports that patches should be installed in the following versions of Windows:

  • Windows 7
  • Windows Server 2008 R2
  • Windows Server 2008
  • Windows Server 2003
  • Windows XP

On the other hand, information security services firms report that Windows versions that do not require updating are:

  • Windows 8
  • Windows 10
  • Windows Server from version Server 2012

The specialists emphasize the importance that the administrators of the exposed systems install the updates as soon as possible, because although so far the risk exists only at theoretical level, the vulnerability remains critical and many the users exposed to a potential exploitation.

As an additional security measure, specialists from the International Institute of Cyber Security (IICS) recommend disabling access to Remote Desktop Protocol (RDP) from the Internet if the user does not really require that it is enabled. If it is necessary to enable this feature, it is advisable to configure a virtual private network (VPN) with multifactor authentication. Deploying network-level authentication is also a recommended measure; however, the user is still required to install the update patches.