Microsoft Releases Emergency Remote Desktop Services Update

Last Updated: 05/15/2019

Security Notice Level

SEVERE

Microsoft has released an emergency update for a Remote Desktop Services vulnerability that may allow a remote attacker to take complete control of an affected system. This vulnerability is pre-authentication and requires no user interaction. Microsoft is taking the unusual step of providing updates to unsupported versions of Windows. According to Microsoft, “the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.” [1]

Affected Software

The IT Security Office advises owners of the software listed below to update as soon as possible.

  • Windows 7
  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows XP (out-of-support)
  • Windows 2003 (out-of-support)

Security Bulletin Name

  • Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
  • CVE-2019-0708 (downloads for Windows 7, Windows 2008 R2, and Windows 2008)
  • CVE-2019-0708 (downloads for Windows 2003 and Windows XP)

Additional Information

Additional information about this vulnerability can be viewed at:

[1] https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-up...
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-c...

If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or help@colorado.edu.

Definitions for this notice:
Urgent: severity represents a broad threat to the entire campus community including remotely exploitable administrator or root type attacks.
Severe: severity includes worms and web or email-based exploits.
Important: severity includes viruses and local exploits for commonly used services.