Microsoft releases emergency patches for serious RDS flaw

Image of ones and zeros with the word

Security updates to Internet Explorer, Microsoft Scripting Engine, Microsoft Edge, Windows Storage and Filesystems, Microsoft Graphics Component, Windows App Platform and Frameworks, Windows Cryptography, Windows Datacenter Networking, Windows Server, Windows Virtualization, Windows Kernel, and the Microsoft JET Database Engine.

Microsoft said the vulnerability is "wormable" which means that no user interaction is needed for a PC to exploited.

"While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware", wrote Simon Pope, director of incident response for the Microsoft Security Response Center. THe affected operating system builds include: Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, and Windows XP.

Those running Microsoft XP or Server 2003 at an enterprise level can obtain a security patch here.

Microsoft has warned of a serious security vulnerability in its older, theoretically-unsupported Windows operating systems, releasing patches which need to be applied manually for those systems no longer receiving automated updates. "It is for these reasons that we strongly advise that all affected systems - irrespective of whether NLA is enabled or not - should be updated as soon as possible".

You'd be forgiven for thinking that that would be the very last time Microsoft patched XP, but no.

Manchester City are technically brilliant and mentally formidable
Liverpool finished as Premier League runners-up for the third time, ending the season one point behind Manchester City . Being second in the Premier League is not exactly what I wanted but we have to see it as the first step for this team.

Among the patches is a fix for a zero-day vulnerability in the Windows Error Reporting Service.

Microsoft also issued mitigation guidance for the latest hardware design flaws affecting Intel processors that allow so-called Microarchitectural Data Sampling (MDS) attacks.

This is a flaw in Remote Desktop Services (RDS) which could allow an attacker to remotely execute arbitrary code on a target system after connecting using RDP.

The researchers from the universities in Australia, the United States, Belgium, Austria and CSIRO's Data 61 unit noted that newer Coffee Lake Refresh i9 processors are ironically enough more vulnerable to Fallout compared to older parts, due to Intel's countermeasures against the earlier Meltdown speculative execution information leak flaw.

CVE-2019-0725, a Windows DHCP Server RCE vulnerability that can be exploited by a remote unauthenticated attacker by sending a specially crafted packet to an affected DHCP server (meaning: it's also "wormable"). "This vulnerability will make that process even easier".

Related News:



Most liked

Texas officer shoots woman who said she was pregnant: Latest updates
In a Facebook post , the Baytown Police Department said that the officer recognized the woman "from previous encounters". Investigators have not released the name of the officer, but they said the woman's name was Pamela Shantay Turner.

Whats new in iOS 12.3
Apple's new TV app is also rolling out via an update to tvOS (also numerated 12.3) on the company's Apple TV set top boxes. In the Home app on the iPhone , tap the house button in the upper-left corner, and under Speakers, tap Software Update.

Tiger Woods says Bethpage Black can be 'mentally and physically
Another long-standing record on the horizon is Sam Snead's 82 PGA Tour wins - a mark Woods now needs just one more title to match. Thomas' withdrawal keeps the PGA Championship from having all of the top 100 from the world ranking at Bethpage Black.

‘Stranger Things’ Lego Playset Flips Into the Upside Down
Lucas , Dustin , and Mike all come with flashlights, walkie talkies, and individual accessories like a slingshot or a compass.

Jeremy Kyle show 'should be axed'
The broadcaster said that it will continue to work with Kyle on other projects, but has not yet specified what those will be. He was originally ordered to pay almost £6,000 in compensation to two finance companies in 1997 at Poole Magistrates' Court.

British Council staffer sentenced to 10 years for 'spying': Iran
Iranian authorities shut down the British Council there more than a decade ago for what Esmaili described as "illegal activities". Zaghari-Ratcliffe is serving a five-year term for allegedly trying to topple the Iranian government - charges she denied.

Next Star Wars Movies Confirmed to Be from Game of Thrones Creators
Weiss arrive for the premiere of the final season of " Game of Thrones " at Radio City Music Hall in NY , U.S., April 3, 2019. Iger wouldn't comment on what their film will be about, when it will be set, or any additional details about its production.

Sex videos can't be used in Robert Kraft case, judge rules
And Judge Leonard Hanser, of the 15th Judicial Circuit in Palm Beach County, agreed on the privacy issue. They argued video, which is not specifically covered under Florida law, should have a higher threshold.

Jays acquire RHP Edwin Jackson, who joins record 14th team
He is batting.191 on the year after devouring minor-league pitching last season to the tune of a.381 batting average. Toronto catcher Danny Jansen was resplendent wearing a pink chest protector, pink shin guards and pink shoes.

Saudis say oil pipeline was attacked by drones, possibly from Yemen
The US Embassy in the UAE advised its citizens to maintain a high level of vigilance for heightened tensions in the region. The pipeline mainly transports crude from the kingdom's eastern fields to Yanbu port, which lies north of Bab al-Mandeb.

The Mortal Kombat movie reboot will start filming this year
It looks like the Mortal Kombat movie reboot has escaped purgatory and is set to be filmed and produced in Australia . Now we get to experience South Australia with its scenic locations and a wealth of artistic talent to work with.

Antoine Griezmann transfer: France star confirms he is leaving Atletico Madrid
Griezmann's next destination is expected to be Barcelona, who have been linked with a move 28-year-old for the last three years. Since joining Atletico from Real Sociedad in 2014, Griezmann has registered 133 goals and 50 assists in 256 games for the club.

Donald Trump Praises Bill Barr for Investigating Russia 'Hoax' Origin
President Trump recently referred to the Russian Federation investigation as one of the biggest hoaxes in US history. Durham is a career prosecutor who was nominated for his post as USA attorney in CT by Trump.

Felicity Huffman Formally Pleads Guilty To College Entrance Exam Fraud
Seventeen other parents, including Loughlin, have made a decision to fight the charges and formally submitted not guilty pleas . Federal prosecutors are aiming for a sentence between four and ten months in federal prison on the guilty plea.

Kim Kardashian Fourth Baby Name Theories
It could just be that the A-lister is trying to tell us something, and fans picked up on it. In addition, Teddy and Cub have are also seen as possible names for the new arrival.