On August 8th, Windows revealed four vulnerabilities in all currently supported Windows Operating Systems, such as: Windows 10, Windows 8.1, Windows 7 SP1, Windows Server 2008 R2, 2012, 2016, 2019, and more. Described as Critical, these vulnerabilities impact the Remote Desktop Protocol (RDP) and could allow an unauthenticated user to execute malicious code on systems not using Network Level Authentication (NLA).
This means someone can take control of a remote computer or virtual machine via network connection. Microsoft has provided security patches for the vulnerabilities and it is recommended that you patch any Microsoft systems immediately. Though there is no indication that these vulnerabilities are being actively exploited in the wild, the possibility of such actions have increased now that the vulnerabilities have been announced and patches have been released.
Enabling NLA may partially mitigate these vulnerabilities by requiring a valid network account before connecting to the target server. However, if an attacker has a valid network account, they would still be able to exploit the vulnerabilities in the target server, so immediate patching is still recommended.
Below are the Security Update Guides provided by Microsoft. Use them to learn more about the vulnerabilities and how to mitigate them:
Need help keeping your systems up to date? Utilize our Patch Management services—click the link below.