Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities

Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities

No exploitation of the vulnerability has been spotted so far, Microsoft claimed, although hackers are likely to create an exploit for it and include it in their malicious programmes in near future.

For those who can not apply the security updates, Microsoft advises either disabling RDP services if they are not required, blocking TCP port 3389 at the enterprise perimeter firewall, and/or enabling Network Level Authentication (NLA) on systems running supported editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2. Windows 8 and 10 are unaffected, but there's still a vast pool of older systems out there that could be hit if left unpatched. While machines running Windows 7, Windows Server 2008 R2, and Windows Server 2008 are vulnerable, in-support systems and patches for these versions can be found in the Microsoft Security Update Guide.

A patch is now available for a privilege escalation vulnerability exploited in the wild that affects the way Windows Error Reporting handles files.

According to Microsoft, there is a vulnerability in the Remote Code Execution function of the Remote Desktop Services.

For those interested, Microsoft shared some additional details about this security vulnerability. This measure would stop worms as long as attackers don't have valid credentials for authentication on vulnerable systems. While support for Windows XP has been discontinued - including the cessation of security patches - the company has taken the unusual step of issuing a patch to prevent it from becoming an attack vector and, thereby, embarrassing the company.

Microsoft advises that "all affected systems - irrespective of whether NLA is enabled or not - should be updated as soon as possible".

Next Star Wars Movie From Game of Thrones Creators; Not Rian Johnson
Disney's first foray into the Star Wars universe, The Force Awakens , was a success - both financially and critically. Iger spoke of the decision to wait that long for more Star Wars at the summit.

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights", Microsoft said in the vulnerability advisory.

Of these, 18 patches deal with vulnerabilities in the Windows Scripting Engine and web browsers.

Security researchers have shown it is possible to exploit MDS vulnerabilities with attacks such as rogue in-flight data load (RIDL) and Fallout to glean secrets and sensitive information such as password and digital keys on recent Intel processors.

Microsoft released fixes for 79 unique vulnerabilities yesterday, including 22 critical bugs - one of which could be used to spread malware around the globe.

Windows 10 Mobile will go out of support in December this year, which means this month's Cumulative Update is one of the last few coming to the OS.

Related Articles