Two weeks after warning about a critical Remote Desktop Services vulnerability, Microsoft is concerned that about one million computers connected to the Internet are unpatched and vulnerable to attacks.
There is a danger that CVE-201
In a blog post Simon Pope, Director According to the Microsoft Security Response Center (MSRC), it has been two weeks since the fixes for a critical remote code execution vulnerability have been released in Remote Desktop Services. He points to the 2017 WannaCry crisis as an indication of what might happen if users do not take steps to secure their systems.
Microsoft is confident that there is an exploit for this vulnerability and states that it has up-to-date reports. In fact, nearly one million computers connected directly to the Internet are still vulnerable to CVE-2019-0708 . Many more in corporate networks can also be vulnerable. All you need is a vulnerable computer connected to the Internet to provide a potential gateway to those corporate networks where advanced malware can spread and infect computers across the enterprise. This scenario could be even worse for those who have not updated their internal systems with the latest updates, as future malware may also try to exploit vulnerabilities that have already been addressed.
Only two weeks have passed since the update and there was no sign of a worm. This does not mean that we are not in the woods.
If you have not already installed the patch on your computer, now is the time. Microsoft offers downloads for Windows 7, Windows 2008 R2 and Windows 2008 as well as for Windows Vista, Windows 2003 and Windows XP.
Photo credits: Bumble Dee / Shutterstock