
Microsoft warns of wormable vulnerabilities in Windows


August 14, 2019


On the second Tuesday of every month, regular as clockwork, Microsoft releases a bundle of security patches for its software and urges companies and home users to update their systems before vulnerabilities are exploited by malicious hackers.

Sure enough, on this month’s Patch Tuesday, earlier this week, the company rolled out updates for its customers, and amongst them are fixes for two critical vulnerabilities which could be exploited by a fast-moving worm.

As Microsoft’s security team explains in a blog post, the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction.

The flaws, CVE-2019-1181 and CVE-2019-1182, lurk within Microsoft’s Remote Desktop Service on Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.

Microsoft says that older versions of its software – Windows XP, Windows Server 2003, and Windows Server 2008 – are not affected. Furthermore, in Windows 10 Remote Desktop is disabled by default, meaning that companies are more likely to be at risk if they have deliberately chosen to enable the feature.

The good news is that Microsoft found the flaws itself as part of an ongoing process of strengthening the security of its code, and there have been no reports of the vulnerabilities being taken advantage of by hackers in the wild.

That’s obviously comforting, but no reason for complacency. If a hacker were able to successfully exploit the flaws then they could potentially create a worm capable of spreading with the ferocity of past high-profile attacks such as WannaCry.

Microsoft’s advice? Patch your computers at your earliest opportunity. It would also make sense to disable Remote Desktop Services if it is not required.
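One way to act on that advice on a single machine, as an added example that is not part of the original article or of Microsoft's guidance: a Windows PowerShell check of whether Remote Desktop is enabled and when the machine last installed an update, plus a function to refuse Remote Desktop connections. The function names are hypothetical; the registry value and service name are the standard Windows ones.

```powershell
# Added example, not from the article or Microsoft. Run from an elevated prompt.
$TsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

function Get-RemoteDesktopStatus {
    # fDenyTSConnections: 1 = incoming Remote Desktop connections refused, 0 = allowed
    $deny = (Get-ItemProperty -Path $TsKey -Name fDenyTSConnections).fDenyTSConnections

    # TermService is the service name of Remote Desktop Services
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='TermService'"

    # Newest update that Windows reports as installed. If it predates this month's
    # Patch Tuesday, the fixes described in the article cannot be present.
    $latest = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1

    New-Object PSObject -Property @{
        ComputerName     = $env:COMPUTERNAME
        RdpEnabled       = ($deny -eq 0)
        ServiceState     = $svc.State
        ServiceStartMode = $svc.StartMode
        LatestUpdate     = $latest.HotFixID
        LatestUpdateDate = $latest.InstalledOn
    }
}

function Disable-RemoteDesktop {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    # Same effect as turning off "Allow remote connections to this computer"
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Refuse Remote Desktop connections')) {
        Set-ItemProperty -Path $TsKey -Name fDenyTSConnections -Value 1
    }
}

$status = Get-RemoteDesktopStatus
$status | Format-List
if ($status.RdpEnabled) {
    Write-Warning 'Remote Desktop is enabled. If it is not required, run Disable-RemoteDesktop.'
}
```

If Remote Desktop is controlled by Group Policy on the machine, the policy setting takes precedence over this registry value, so make the change in the policy instead.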

Just a few months ago Microsoft released security patches designed to fix the “BlueKeep” vulnerability, another flaw that it was feared could be exploited by a malicious worm to spread around the world.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
