Breach, Content

Microsoft Addresses Windows Remote Code Execution Vulnerabilities

Microsoft has released security updates to address the CVE-2019-1181 and CVE-2019-1182 remote code execution vulnerabilities, according to the U.S. Department of Homeland Security (DHS).

The security updates address the aforementioned remote code execution vulnerabilities across the following operating systems:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10
  • Windows Server 2016
  • Windows Server 2019

Cybercriminals are using the Microsoft remote code execution vulnerabilities to take control of affected systems, DHS noted. The vulnerabilities also are considered "wormable," and once they infect a system, can propagate to other vulnerable systems.

Microsoft to Partners: Patch Windows Remote Code Execution Vulnerability

The Microsoft security updates come after the company in May told MSPs, MSSPs and other partners to patch the CVE-2019-0708 remote code execution vulnerability. Windows 8 and Windows 10 users were unaffected by CVE-2019-0708; however, partners running older versions of Windows that fail to patch the bug risk providing hackers with a wormable exploit.

Furthermore, Quasar open source remote administration tool (RAT) exploits for Windows were discovered earlier this year, according to DHS. Commercial antivirus programs enable organizations to monitor Quasar activity, and advanced persistent threat (APT) actors modified Quasar and created minor and major versions of the software to access target hosts and launch Quasar attacks.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.