Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities

2019-05-15 09:33

For May 2019 Patch Tuesday, Microsoft has released fixes for 79 vulnerabilities, 22 of which are deemed critical. Among the fixes is that for CVE-2019-0708, a “wormable” RDP flaw that is expected to be weaponised by attackers very soon. About CVE-2019-0708 It’s a remote code execution vulnerability in Remote Desktop Services (formerly known as Terminal Services) that allows unauthenticated attackers to connect to the target system using RDP and send specially crafted requests. The flaw … More → The post Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/WfbWE9OVXF0/

#microsoft #RDP #sidechannel #vulnerabilities #CVE-2019-0708

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-16	CVE-2019-0708	Use After Free vulnerability in Microsoft products A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. network low complexity microsoft CWE-416 critical	10.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		674	804	4455	4133	3701	13093

News URL

Related news

Related Vulnerability

Related vendor