The Radiflow Security Blog
By Radiflow CTO, Yehonatan Kfir
Microsoft recently released a set of fixes for Remote Desktop Services (RDP) that include two critical Remote Code Execution (RCE) vulnerabilities that allow hackers spread malware to infect both your PC and others without your knowledge or interaction.
Microsoft also confirmed that the flaws CVE-2019-1181 and CVE-2019- 1182 are “wormable” similar to the BlueKeep remote desktop protocol vulnerability discovered in May which many worry could lead to another global cyberattack like 2017’s WannaCry ransomware outbreak.
Mitigation of those vulnerabilities requires patching Windows systems and using network devices for authenticating RDP sessions. Radiflow recommends that our clients enable the Authentication Proxy (APA) in Radiflow‘s Secure Remote Access gateway and to block RDP connections.