It has come to our attention that there is a security risk that could affect some customers. It involves Microsoft RDP service on some Microsoft operating systems.
Microsoft have released a High-level security advisory. They have said that there is a critical remote code execution vulnerability in Remote Desktop Services that exists in Windows XP, Windows 7 and server versions like Windows Server 2003, Windows Server 2008 R2, Windows Server 2008. Microsoft have taken this seriously and have released patches for both Windows XP and Windows Server 2003 even though they are both not being supported by Microsoft anymore.
If any customers are using any of these services, we advise that you patch the affect machines ASAP.
The relevant ease of the exploit used to compromise this is approx. 3/10.
This risk could be exploited in two ways.
1. Unpatched RDP services open to the internet and exploited directly
2. Unpatched RDP services used by Malware internally to spread from machine to machine.
How do I Remediate?
Apply the relevant patch. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
How Can Ward Help?
For Managed Service customers, the Ward Support team will be reviewing individual environments and making recommendations on appropriate patching for all supported devices.
For all other customers, if you would like additional information or would like support in assessing and protecting your environment, please contact firstname.lastname@example.org or call: 1800 903 552 or contact your account manager, as appropriate.