Microsoft Addresses Windows Remote Code Execution Vulnerabilities
The security updates address the aforementioned remote code execution vulnerabilities across the following operating systems:
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- Windows 10
- Windows Server 2016
- Windows Server 2019
Cybercriminals are using the Microsoft remote code execution vulnerabilities to take control of affected systems, DHS noted. The vulnerabilities also are considered “wormable,” and once they infect a system, can propagate to other vulnerable systems.
Microsoft to Partners: Patch Windows Remote Code Execution Vulnerability
The Microsoft security updates come after the company in May told MSPs, MSSPs and other partners to patch the CVE-2019-0708 remote code execution vulnerability. Windows 8 and Windows 10 users were unaffected by CVE-2019-0708; however, partners running older versions of Windows that fail to patch the bug risk providing hackers with a wormable exploit.
Furthermore, Quasar open source remote administration tool (RAT) exploits for Windows were discovered earlier this year, according to DHS. Commercial antivirus programs enable organizations to monitor Quasar activity, and advanced persistent threat (APT) actors modified Quasar and created minor and major versions of the software to access target hosts and launch Quasar attacks.