Microsoft RDS Remote Code Execution Vulnerabilities (CVE-2019-1181-1182)Threat Alert
September 10, 2019
-
Vulnerability Overview
On August 14, 2019, Beijing time, Microsoft released remote desktop (RDP) service fixes and patches for a series of vulnerabilities, including two critical remote code execution (RCE) vulnerabilities (CVE-2019-1181 and CVE-2019-1182). Similar to the BlueKeep vulnerability (CVE-2019-0708) previously fixed, vulnerabilities disclosed this time have characteristics of worms. In other words, attackers could exploit them to execute arbitrary code and spread worm viruses without needing user interactions. (more…)