{"id":61050,"date":"2019-05-15T15:05:33","date_gmt":"2019-05-15T20:05:33","guid":{"rendered":"https:\/\/www.pcmatic.com\/blog\/?p=61050"},"modified":"2019-05-15T15:05:39","modified_gmt":"2019-05-15T20:05:39","slug":"microsoft-patches-major-remote-access-security-hole","status":"publish","type":"post","link":"https:\/\/www.pcmatic.com\/blog\/microsoft-patches-major-remote-access-security-hole\/","title":{"rendered":"Microsoft Patches Major Remote Access Security Hole"},"content":{"rendered":"\n

It’s Bad Enough, Microsoft Issued Patches for Legacy Systems<\/h4>\n\n\n\n

Microsoft has recently released a critical update addressing a significant security hole found within their Remote Desktop Services. The security gap impacts multiple Windows versions, leaving Microsoft with no choice but to offer patches for all impacted operating systems, including legacy systems. Since patches are rarely issued for legacy operating systems, users should take this as a sign of the significance. <\/p>\n\n\n\n

The operating systems that are believed to be compromised include Windows Server 2003 and XP, as well as Windows 7, 2008 R2, and 2008 for PCs. The downloadable patch for in-support systems can be found in the Microsoft Security Update Guide<\/a>\u00a0and in KB4500705<\/a>\u00a0for out-of-support systems.\u00a0 <\/p>\n\n\n\n

The Herjavec Group has sent out at Threat Advisory email, stating, <\/p>\n\n\n\n

It is critical that organizations apply the patch as soon as possible because this vulnerability is \u201cwormable\u201d, meaning it is pre-authentication and requires no user interaction. An exploit for this weakness could be used to create malware that would spread similarly to WannaCry and other recent worms. <\/p><\/blockquote>\n\n\n\n

If users are not able to apply the necessary patches, other controls to mitigate risk exposure include:
<\/p>\n\n\n\n