On May 14, 2019, Microsoft has announced a new vulnerability that exists in older versions of Windows. The vulnerability could lead to new self-propagating malware that bears a striking resemblance to the infamous WannaCry that wreaked havoc on systems around the globe in 2017. The National Cyber Coordination and Command Centre (NC4) would like to advise all users of older version of Microsoft Windows to update your Windows by downloading and installing update as recommended by Microsoft to mitigate this issue.
Malicious code execution & Denial of Service
Microsoft has recently released a statement of a security flaw found in their older version of Windows operating systems, which enable attackers to remote code execute targets' machine. The vulnerability, which has been classified as CVE-2019-0708, is a remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability, which is called BlueKeep is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Based on alert from Microsoft, they are confident that an exploit exists for this vulnerability and nearly one million computers connected directly to the Internet are still vulnerable to CVE-2019-0708. Given the potential impact to customers and their businesses, Microsoft made the decision to make security updates available for affected platforms that are no longer in mainstream support. These updates are available from the Microsoft Update Catalog only. NC4 recommend that all users running one of these operating systems to download and install the update as soon as possible.
The following Microsoft Windows Operating Systems:
NC4 advises agencies to take the following actions: