With May's Patch Tuesday, Microsoft patched a critical "WannaCry-level" vulnerability along with other foray of security updates. This vulnerability is so critical that Microsoft actually released patches for Windows XP which they stopped supporting long back. This vulnerability is said to affect more than 450 million computers worldwide.
This wormable vulnerability (CVE-2019-0708) present in the Remote Desktop Services component is pre-authentication and requires no user interaction.This is an RCE vulnerability that can be exploited remotely by sending specially crafted requests over Remote Desktop Protocol (RDP) to a targeted system. This vulnerability is present in Windows 7, Windows Server 2008 R2, Windows Server 2008, and in older versions like Windows XP and Windows 2003 as well.
WannaCry - The one name that made IT admins around the world tremble. The one name that showed what a real cyber warfare will be like - inflicting losses of more than $4 billion and leaving thousands of organizations stranded.
Well, security researchers fear that the BlueKeep RDS vulnerability (CVE-2019-0708)could be the next WannaCry as the vulnerability is wormable, meaning that any future malware that exploits this vulnerability could propagate from one vulnerable computer to another in a similar way WannaCry did in 2017.
Microsoft has patched the remote desktop services vulnerability with this month's Patch Tuesday. So, if your computer runs older Windows OSs like Windows XP or Windows 2003, follow the patch installation guide from Microsoft to deploy the patches.
But if you have more than ten computers, manually installing these patches can be time-consuming and tiring. Download a free trial of ManageEngine Patch Manager Plus to automate the patching process in your enterprise.
With features to automate patch management, test and approve patches, decline patches, and more, you can install the latest patches seamlessly to your endpoints as soon as they're available. Patch Manager Plus supports patching for all the major OSs like Windows, Mac, and Linux as well as patching for more than 500 third-party applications. This way, you'll never miss a patch for any of your applications.