Microsoft has released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
A security vulnerability that affects Windows computers running on 64-bit Intel and AMD processors could give an attacker access to your passwords, private conversations, and any other information within the operating system kernel memory. Users are advised to update Windows in order to mitigate against this new CPU "SWAPGS attack" risk.
It is important that affected systems are patched as quickly as possible.
Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows.
Windows DNS Server Heap Overflow Vulnerability
A widespread WiFi vulnerability was revealed on Monday that affects nearly every desktop and mobile device, as well as IoT devices and routers.
Ransomware Attacks Critical Systems Worldwide
Many organizations across the globe were victims of a malicious software attack on Friday. “WannaCrypt” is a type of known attack which locks and prevents access to critical systems and information. Both Microsoft and KiZAN have been monitoring the developments closely, and we want to share the information and the resources that are available.
Newly discovered flaw in Intel’s Active Management Technology (AMT) firmware is worse than previously thought.