McMaster IT Security Alert (May 15, 2019): Microsoft Updates Notice

Microsoft is warning customers about a critical vulnerability in the Remote Desktop Protocol (RDP). This vulnerability is capable of being exploited in a way that would allow attackers to automatically spread malware (i.e., a worm), and there is evidence that the vulnerability is currently being exploited. The vulnerability affects RDP on older Microsoft operating systems, including WindowsXP, Windows 7, Windows Server 2008 and Windows Server 2003.

McMaster IT support providers have been notified. If you have any questions related to this alert, please contact University Technology Services (UTS) at uts@mcmaster.ca or ext. 2-HELP (24357).

RDP is the protocol that is used to enable people to connect to remote computers. It is strongly recommended that users and administrators configure their systems to prevent untrusted connections to RDP. Don’t expose RDP to untrusted networks such as the public internet.

Recent Microsoft operating systems such as Windows 10, Windows 8, and Windows Server editions 2012 and later are not affected by vulnerable to this vulnerability. However, it is still recommended that you install security updates automatically or as soon as possible after they are released.

This threat is significant enough that Microsoft has taken the unusual step of releasing patches for operating systems that are out of support, including WindowsXP and Windows Server2003.

More information about this threat can be found here:

• https://support.microsoft.com/en-gb/help/4500705/customer-guidance-for-cve-2019-0708
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
• https://nakedsecurity.sophos.com/2019/05/15/update-now-critical-remote-wormable-windows-vulnerability/