By Tammera E Campbell on 2019-05-15T20:41:08Z
Microsoft released on May 14, 2019 the warning to immediately update and reboot your system due to a Microsoft Remote Desktop Services vulnerability, see Microsoft Remote Desktop Services (CVE-2019-0708). Users are advised this is an extremely dangerous vulnerability and should be addressed right away.
This affects the following operating systems:
- Microsoft Windows Server 2008 R2 for x64-based Systems SP1
- Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
- Microsoft Windows Server 2008 for x64-based Systems SP2
- Microsoft Windows Server 2008 for Itanium-based Systems SP2
- Microsoft Windows Server 2008 for 32-bit Systems SP2
- Microsoft Windows 7 for x64-based Systems SP1
- Microsoft Windows 7 for 32-bit Systems SP1
- Microsoft Windows Server 2003 SP2 x86
- Microsoft Windows Server 2003 x64 Edition SP2
- Microsoft Windows XP SP3 x86
- Microsoft Windows XP Professional x64 Edition SP2
- Microsoft Windows XP Embedded SP3 x86
Users should know that if their systems are not patched appropriately and an attack is launched against this vulnerability, LBNL will temporarily block access to RDP (3389/tcp) from outside the Laboratory. If this occurs, users must use VPN to access Remote Desktop Services hosted Lab systems.
Users can refer to Cyber Security’s announcement, Critical Remote Desktop Vulnerability. Any questions or concerns can be directed to security@lbl.gov.
Advice: Always keep your system and all software up to date and REBOOT at least once a month.
RELATED ARTICLES