Security Advisory: Windows Remote Desktop Vulnerability
Posted by Kevin Stange on 15 August 2019 11:14 AM
A set of vulnerabilities has been disclosed by Microsoft that affects all currently supported versions of Windows Server including 2008 R2, 2012, 2012 R2, 2016, and 2019. These vulnerabilities affect the Remote Desktop service and may allow an attacker to gain control over an affected server and use it to steal data, interfere with services, or propagate malware. All current versions of Windows for desktop computers are also affected. Microsoft has indicated these vulnerabilities are severe and very likely to be exploitable in the near future without user interaction.
Microsoft has confirmed that Windows XP, Server 2003 and Server 2008 are not affected. Linux distributions, such as CentOS, Debian, and Ubuntu, are not affected.
This vulnerabilities are not exploitable if you do not have the Remote Desktop service enabled, however it is enabled by default on servers and it is the most common method for managing a Windows server.
These vulnerabilities have been assigned CVE entries:
Microsoft published the following articles which contain additional information:
It is recommended that any affected customers immediately run Windows Update and restart the server after updates have been installed successfully. The following updates are required to resolve the vulnerabilities:
See the following sections for directions on how to install updates for supported Windows server versions. If you have any questions or need assistance performing these upgrades, please contact us and we'll be happy to help.
Windows Server 2016 & 2019
To install this update on Windows Server 2016 or 2019, follow these steps:
If there is no matching update listed in step 5, you may need to first install all other updates, restart your server, then return to the Windows Update screen until the update is available.
Windows Server 2008 R2, 2012, & 2012 R2
To install this update on Windows Server 2008 R2, 2012, or 2012 R2, follow these steps:
If there is no matching update listed in step 6, you may need to first install all other updates, restart your server, then return to the Windows Update screen until the update is available.