
[ARS] Four wormable bugs in newer versions of Windows




    Similar to the so-called BlueKeep vulnerability Microsoft patched in May, the four bugs the company patched on Tuesday reside in Remote Desktop Services, which allow a user to take control of a remote computer or virtual machine over a network connection. The bugs—indexed as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226—make it possible for unauthenticated attackers to execute malicious code by sending a specially crafted message when a protection known as Network Level Authentication is turned off, as many administrators in large organizations often do...


    “The vulnerabilities include the latest versions of Windows, not just older versions like in BlueKeep,” independent security researcher Kevin Beaumont told Ars. “There will be a race between organizations to patch systems before people reverse engineer the vulnerability from the patches to learn how to exploit them. My message would be: keep calm and patch.”

    Windows machines that have automatic updating enabled should receive the patch within hours if they haven’t already. Installing Tuesday’s patches is the single most effective way to ensure computers and the networks they’re connected to are safe against worms that exploit the newly described vulnerabilities. For people or organizations that can’t update immediately, a good mitigation is to “enable NLA and leave it enabled for all external and internal systems,” Beaumont said in a blog post.


    Nasty man! This could get bad before it gets better. Luckily updates will protect you... as long as you update. Back when these WannaCry viruses were going around, I was a data recovery engineer. The sheer number of drives we got in with a virus similar to it was amazing.


    And worse, something like this could make incidents like Baltimore more commonplace. Either that, or start targeting health care, shipping and a good number of organizations slow to respond to stuff like this. 


    Well, here is to hoping people patch. 
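
    The NLA mitigation quoted in the article can be audited across a fleet before and after patching. The following is an added example, not part of the article or the post above; it assumes PowerShell remoting (WinRM) is enabled on the targets, and the host names are constructed placeholders.

```powershell
# Added example: report, per host, whether RDP is accepted and whether NLA is required.
# Assumptions: PowerShell remoting is enabled; host names are constructed placeholders.
$Computers = 'HOST-A.example.internal', 'HOST-B.example.internal'

$check = {
    $ts     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpTcp = "$ts\WinStations\RDP-Tcp"
    $policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # fDenyTSConnections = 0 means Remote Desktop connections are accepted.
    $deny = (Get-ItemProperty -Path $ts -Name fDenyTSConnections `
             -ErrorAction SilentlyContinue).fDenyTSConnections

    # UserAuthentication = 1 means NLA is required.
    # A Group Policy value, when present, overrides the local setting.
    $local = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication `
              -ErrorAction SilentlyContinue).UserAuthentication
    $gpo   = (Get-ItemProperty -Path $policy -Name UserAuthentication `
              -ErrorAction SilentlyContinue).UserAuthentication
    $effective = if ($null -ne $gpo) { $gpo } else { $local }

    [pscustomobject]@{
        RdpEnabled  = ($deny -eq 0)
        NlaRequired = ($effective -eq 1)
        NlaSource   = if ($null -ne $gpo) { 'GroupPolicy' } else { 'Local' }
    }
}

$results = foreach ($c in $Computers) {
    try {
        Invoke-Command -ComputerName $c -ScriptBlock $check -ErrorAction Stop |
            Select-Object @{ n = 'Computer'; e = { $c } }, RdpEnabled, NlaRequired, NlaSource
    } catch {
        # Unreachable hosts are reported rather than silently skipped.
        [pscustomobject]@{
            Computer    = $c
            RdpEnabled  = $null
            NlaRequired = $null
            NlaSource   = "unreachable: $($_.Exception.Message)"
        }
    }
}

# Hosts that accept RDP without requiring NLA are the ones to patch or reconfigure first.
$results | Sort-Object NlaRequired, Computer | Format-Table -AutoSize
```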
