Inuvika Update Regarding CVE-2019-1181 and CVE-2019-1182 (Remote Desktop Services remote code execution vulnerability)
Übersicht
New third party security vulnerabilities have been identified that impact multiple versions of Microsoft Windows desktop and server products. The vulnerabilities exist in Microsoft Remote Desktop Services.
This update is intended to advise Inuvika customers and partners on possible risks to OVD environments that use Microsoft Windows application servers.
Auswirkungen auf OVD Enterprise
The identified issues do not directly impact OVD Enterprise service components. However, customers who use any of the following versions of supported Windows application servers within their OVD environment are encouraged to evaluate possible security risks:
- Windows Server 2008 R2 SP1
- Windows Server 2012 R2
- Windows Server 2016
Additional versions of Windows desktop and server are also affected. Please refer to Microsoft’s advisory for a full list of products affected.
Inuvika prüft die Situation weiter und wird seine Kunden über alle direkten Auswirkungen auf die Produkte und Dienstleistungen von Inuvika informieren.
Aktuelle Empfehlung für OVD Enterprise-Kunden
Inuvika empfiehlt seinen Kunden, die bewährten IT-Verfahren zu befolgen und die vom Hersteller empfohlenen Wartungsupdates durchzuführen, sobald sie veröffentlicht werden.
Customers who use Windows application servers impacted by these vulnerabilities are encouraged to apply Microsoft’s recommended security patches as quickly as possible.
Überprüfen Sie nach der Anwendung eines Patches, ob die Komponente wie erwartet funktioniert.
Ressourcen
Microsoft has released patches for all affected versions of Windows Operating System. ref: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
Microsoft Security Response Center: Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)
Inuvika Ressourcen unterstützen
In den Nachrichten
Patch time! Microsoft warns of new worm-ready RDP bugs
Microsoft Fixes Critical Windows 10 Wormable Remote Desktop Flaws