Discovered: 4 New BlueKeep-like ‘Wormable’ Windows Remote Desktop Flaws


If you run any supported version of the Windows operating system (OS), you need to install the latest security updates from Microsoft immediately. Windows contains four new critical, wormable remote code execution vulnerabilities in Remote Desktop Services that are similar to the recently patched ‘BlueKeep’ RDP vulnerability.

Discovered by Microsoft's security team, the four vulnerabilities are tracked as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226. All of them can be exploited by unauthenticated remote attackers to take control of an affected computer system without any user interaction. Like the BlueKeep RDP flaw, all four newly discovered vulnerabilities are wormable and could be exploited by malware to propagate automatically from one vulnerable computer to another.

Although the first two vulnerabilities affect all supported versions of the Windows operating system, the second set of flaws (1222 and 1226) affects only Windows 10 and Windows Server editions. The new wormable vulnerabilities do not affect Windows XP, Windows Server 2003, or Windows Server 2008, nor do they affect the Remote Desktop Protocol (RDP) itself, which Microsoft developed for Remote Desktop Services. Instead, the vulnerabilities reside in Remote Desktop Services, formerly known as Terminal Services, and could be exploited by unauthenticated remote attackers who send specially crafted requests over the RDP protocol to a targeted system.


Microsoft also states that it has found “no evidence regarding the fact that these vulnerabilities were known to any third party,” or that they are being exploited in the wild. If left unpatched, these security vulnerabilities could allow attackers to spread wormable malware in much the same way that the infamous WannaCry and NotPetya malware spread across the globe in 2017.

Besides these four critical security flaws, Microsoft has also patched 89 other vulnerabilities as part of the company’s monthly batch of software security updates for August, 25 of which are rated critical and 64 important in severity. The August 2019 Patch Tuesday security updates include patches for various supported versions of Windows and other Microsoft products, including Internet Explorer, Edge, Office, ChakraCore, Visual Studio, Online Services, and Active Directory Microsoft Dynamics. All the critical vulnerabilities listed this month impact various versions of the Windows 10 operating system and Server editions. Most reside in the Chakra Scripting Engine, and some reside in the Windows Graphics Device Interface (GDI), Word, Outlook, Hyper-V, the VBScript Engine, LNK, and Windows DHCP Server.

Some of the important-rated vulnerabilities also lead to remote code execution attacks, while the majority of them permit elevation of privilege, denial of service (DoS), information disclosure, security bypass, spoofing, tampering, and cross-site scripting attacks.

Users and system administrators are strongly advised to apply the latest security patches immediately to keep cybercriminals and hackers from taking control of their computers. To install the latest security updates, follow this path:

Settings → Update & Security → Windows Update → Check for updates on your computer, or you can simply install the updates manually following the instructions.

Source: The Hacker News

