SandStorm IT

Power On

  • Services
    • Managed IT Services
    • Servers & Networks
    • Business Computers & Support
    • Cloud Services & Data Backup
    • Custom Software Development
    • VoIP Telephone Solutions
    • Custom Web Design
    • Disaster Recovery Solutions
    • Security & Compliance
    • IT Consulting
  • Technologies
  • Pricing
  • Work
  • About
    • Our History
    • Our Team
    • Careers
    • Press
  • Blog
  • Contact
    • (901) 475-0275
  • Help Me

Remote Desktop Vulnerability discovered in Windows XP, Windows 2003 & Windows 7.

May 17, 2019 By Jeff Fowler

A recent update from Microsoft addresses a vulnerability in the Remote Desktop Service used in older versions of Windows, namely Windows XP, Windows Server 2003 and Windows 7. Given that both XP and Windows Server 2003 has been End-of-Life for a few years now, this is an unusual action for Microsoft.

 

 

Here’s what Microsoft is saying about the vulnerability:

 

“A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

 

To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.

 

The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.”

 

By releasing this update, it’s likely that Microsoft is just trying to prevent a serious security issue for anyone still running older Operating Systems. As you may know, there are still quite a few users still using Windows 7 and even Windows XP. NetMarketShare reports that around 36% of users are still using Windows 7 and over 3% are still using Windows XP. While Windows 7 is still supported at the moment, it will soon be going End-Of-Life as well.

 

Simon Pope from Microsoft has this to say:

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware”.

 

If you are still running Windows 7 or XP, we strongly suggest installing this update as soon as possible. As a better long term solution, SandStorm IT encourages everyone to update to Windows 10 as soon as possible to avoid potential security risks. If you have any questions about operating system security or any other technology questions, please contact SandStorm IT at 901-475-0275.

 

Related Posts

  • 6 Windows Keyboard Shortcuts You May Not Know
  • 6 More Windows Keyboard Shortcuts You May Not Know
  • How much longer can I keep running Windows 7?
  • Security Alert - Update Warning for Microsoft Windows 7, Windows 8.1 and Windows 10
  • Windows Server 2008 R2 End-of-Life Support is Near

Categories: Business, Cybersecurity, Desktop Operating Systems, Networking, News, Security Alerts & Vulnerabilities

Subscribe to Our Newsletter

Check your inbox or spam folder now to confirm your subscription.

SANDSTORM IT BLOG

Featured
News
Press Releases
SandStorm News
Security Alerts & Vulnerabilities
Managed Services
Managed Anti-Virus/Anti-Malware
Managed Backups & Monitoring
Updates/Patches
Passwords
Cybersecurity
Spyware/Malware/Viruses
Social Engineering/Phishing
Ransomware
Data Breaches/Leaks
Other
Servers
Server & Server Hardware
Cloud/Serverless Computing
Server Operating Systems
Networking
Wired Networking
Wireless/Wi-Fi
Internet of Things (IoT)
5G & Mobile Networking
Business
General Business
Enterprise Resource Planning (ERP)
Voice & Telephony
Backups & Business Continuity
On-Site Backups
Cloud Backups
DR/BCM Planning & Consulting
Personal Computing
Tips/Tricks/Shortcuts
Troubleshooting
Hardware & Peripherals
Desktop Operating Systems
Software & Applications
Office Applications
Desktop Software
Email Software and Applications

Authors

Authors
Doyle Sanders
Jake Sanders
Jordan Sanders
Justin Oliver
Matt Ballard
Robert Cleveland
Cristian Colón
Jacob Ellis
Jeff Fowler
Miker Irick
Curtis Mayo
Josh Restuccio
Lindsey Sanders
Matthew Stafford
Josh Yarbrough

Give Us a Call

(901) 475-0275
61 Atoka-McLaughlin Dr.
Atoka, TN 38004

About SandStorm IT

SandStorm IT is a team of committed professionals who are dedicated and excited to solve your technology needs.  We accomplish this through understanding your business and then applying the appropriate technology solutions to meet the needs.

Our breadth of experience with information technology covers a range of diverse skill sets such as server setup and configuration, network and firewall solutions, VoIP telephone systems, web and database hosting, custom web application programming, mobile development, and IT security practices and policies.

SandStorm IT has the desire, expertise, and commitment to bring your vision to life.

  • Services
  • Technologies
  • Pricing
  • Work
  • About
  • Blog
  • Contact
  • Help Me
Authorized Solution Provider