CVE-2019-0708: Remote Desktop Services Remote Code Execution Vulnerability Alert

On May 14, 2019, Microsoft officially released a security patch that fixed a remote code execution vulnerability in Windows Remote Desktop Services (CVE-2019-0708) that affected some older versions of Windows. This vulnerability is unauthenticated and requires no user interaction, which means that this vulnerability can be exploited by means of a network worm. Any malware that exploits this vulnerability could spread from an infected computer to another vulnerable computer in a similar manner to the WannaCry malware.

Remote Desktop Protocol

After research and judgment, we confirmed that the vulnerability is serious, and it is recommended that the user immediately perform patch update processing.

Affected version

  • Windows 7
  • Windows Server 2008 R2
  • Windows Server 2008
  • Windows 2003
  • Windows XP

Unaffected version

  • Windows 8
  • Windows 10

Solution

The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Services disabled:

1. Disable Remote Desktop Services if they are not required.

If you no longer need these services on your system, consider disabling them as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.