The Radiflow Security Blog

New Vulnerabilities potentially allowing a “wormable” WannaCry-like outbreak
August 29, 2019

By Radiflow CTO, Yehonatan Kfir

Microsoft recently released a set of fixes for Remote Desktop Services (RDP) that include two critical Remote Code Execution (RCE) vulnerabilities that allow hackers spread malware to infect both your PC and others without your knowledge or interaction.

Microsoft also confirmed that the flaws CVE-2019-1181 and CVE-2019- 1182 are “wormable” similar to the BlueKeep remote desktop protocol vulnerability discovered in May which many worry could lead to another global cyberattack like 2017’s WannaCry ransomware outbreak.

Mitigation of those vulnerabilities requires patching Windows systems and using network devices for authenticating RDP sessions. Radiflow recommends that our clients enable the Authentication Proxy (APA) in Radiflow‘s Secure Remote Access gateway and to block RDP connections.

Clients should contact Radiflow to receive updates to iSID in order to detect those vulnerabilities and any malicious activity related to them.