Bringing Windows up-to-date with MAY 2019 patch Tuesday update will provide protection

In the May 2019 patch cycle, Microsoft released a patch for a remote code execution bug in their Remote Desktop Services (RDS). A remote, unauthenticated attacker can exploit this vulnerability by sending crafted RDP messages to the target server. Successful exploitation can result in the execution of arbitrary code with administrative privileges – meaning the bug is wormable. While our initial research into this bug focused on mitigations and protections, Pengsu Cheng, Kamlapati Choubey, and Saran Neti of the Trend Micro Security Research Team worked to complete a thorough analysis of the vulnerability. The following is an excerpt from their Trend Micro Vulnerability Research Service report covering CVE-2019-0708, with a few minimal modifications.

When Microsoft patched this vulnerability for their supported OSes, they made the decision to also release patches for the now unsupported Windows XP and Windows Server 2003 systems. That’s an indication of how severe they believe this vulnerability to be. There has also been some talk of active exploitation detected, but there’s definitely no doubting the exploitability of this vulnerability. This bug clearly earns its Critical rating, and affected systems should be patched as soon as possible. For those still on Windows XP or Server 2003, this is yet another reminder to get an upgrade plan in place. Microsoft may have released patches for this vulnerability, but chances of them releasing future patches for these now ancient systems lowers with each passing release.