Microsoft has released software updates to address a total of 79 vulnerabilities in its operating systems, including a critical wormable flaw that can propagate malware from computer to computer without requiring users’ interaction.
18 issues have been rated Critical and the rest Important in severity. Two of the vulnerabilities addressed this month are listed as publicly known, of which one is listed as under active attack at the time of release.
Critical Wormable RDP Vulnerability
The wormable vulnerability (CVE-2019-0708) resides in Remote Desktop Services – formerly known as Terminal Services – and could be exploited remotely by sending specially crafted requests over the RDP protocol to a targeted system.
The vulnerability could be exploited to spread wormable malware in a similar way as the WannaCry malware spread across the globe in 2017.
“This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system,” Microsoft said in an advisory detailing the wormable vulnerability.
“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
Microsoft has advised Windows Server users to block TCP port 3389 and enable Network Level Authentication to prevent any unauthenticated attacker from exploiting this wormable flaw.
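The following PowerShell script is an added example, not part of the article or Microsoft's advisory: it audits a host for the two mitigations above (NLA required, inbound TCP 3389 blocked) and applies them only when run with -Remediate. It assumes an elevated session on Windows 8 / Server 2012 or later (the NetSecurity cmdlets are not available on older releases) and the default 'RDP-Tcp' listener name.

```powershell
# Added example (not from the article): audit and optionally enforce the two
# CVE-2019-0708 mitigations Microsoft recommends. Assumptions: elevated session,
# Windows 8 / Server 2012+ for the NetSecurity cmdlets, default 'RDP-Tcp' listener.
[CmdletBinding()]
param(
    [switch]$Remediate   # without this switch the script only reports
)

$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcpKey = Join-Path $rdpKey 'WinStations\RDP-Tcp'

# 1. Is Remote Desktop enabled at all? (fDenyTSConnections = 1 means disabled)
$rdpEnabled = (Get-ItemProperty -Path $rdpKey -Name fDenyTSConnections).fDenyTSConnections -eq 0

# 2. Is Network Level Authentication required? (UserAuthentication = 1 means NLA on)
$nla = (Get-ItemProperty -Path $tcpKey -Name UserAuthentication).UserAuthentication -eq 1

# 3. Is there an enabled inbound firewall rule that blocks TCP 3389?
$blockRule = Get-NetFirewallRule -Direction Inbound -Action Block -Enabled True -ErrorAction SilentlyContinue |
    Where-Object { ($_ | Get-NetFirewallPortFilter).LocalPort -contains '3389' }

[pscustomobject]@{
    ComputerName    = $env:COMPUTERNAME
    RdpEnabled      = $rdpEnabled
    NlaRequired     = $nla
    Port3389Blocked = [bool]$blockRule
}

if ($Remediate) {
    if ($rdpEnabled -and -not $nla) {
        # Require NLA so the RDP session is authenticated before the vulnerable
        # pre-authentication code path is reached.
        Set-ItemProperty -Path $tcpKey -Name UserAuthentication -Value 1 -Type DWord
        Write-Host 'Network Level Authentication enabled for the RDP-Tcp listener.'
    }
    if (-not $blockRule) {
        # Block inbound TCP 3389. Add -RemoteAddress with your management subnet
        # instead of blocking everything if administrators still need RDP access.
        New-NetFirewallRule -DisplayName 'Block inbound RDP (CVE-2019-0708 mitigation)' `
            -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Block -Profile Any | Out-Null
        Write-Host 'Inbound TCP 3389 blocked by Windows Firewall.'
    }
}
```

NLA is a stop-gap that requires valid credentials before the flaw is reachable; installing the update itself remains the actual fix.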
Other Important Vulnerabilities
Another issue is an elevation of privilege vulnerability (CVE-2019-0863) in Windows. The flaw is listed as publicly known and is already being actively exploited in limited attacks against specific targets.
Successful exploitation of the flaw could allow a low-privileged remote attacker to run arbitrary code in kernel mode with administrator privileges.
Another publicly disclosed vulnerability affects the Skype for Android app. The vulnerability (CVE-2019-0932) could allow an attacker to listen to the conversation of Skype users without their knowledge.
To successfully exploit this vulnerability, all an attacker needs is to call an Android phone with Skype for Android installed that’s also paired with a Bluetooth device.
Many Important-rated vulnerabilities also lead to remote code execution attacks, while others allow elevation of privilege, information disclosure, security feature bypass, spoofing, tampering, and denial of service attacks.
To install the latest security updates, go to Settings → Update & Security → Windows Update → Check for updates on your computer, or install the updates manually.