Patch Now: Legacy Windows Zero-Day Vulnerability

Microsoft’s Patch Tuesday included a critical fix for a malicious vulnerability for Remote Desktop Services that impacts earlier versions of the Windows OS. Unpatched versions of Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows XP, and earlier are vulnerable to a newly discovered attack that checks all of the bad news boxes: remote, legacy, and fully exploitable.

Microsoft took the rare step of issuing a patch for these legacy systems, and all administrators should patch now to avoid the serious exploit. A patch for Windows XP has not been issued since WannaCry was discovered in 2017, highlighting the severity. The exploits require no user intervention to activate, and can spread rapidly from machine to machine - much like WannaCry. Also matching WannaCry, this vulnerability has a patch available now, before any known exploit.

The issue is tracked as CVE-2019-0708, with Monthly Rollups KB4499149 and KB4499164 and Security Updates KB4499175 and KB4499180 and their patches available for each impacted version of Windows. Most users will be able to automatically install the update, but Windows XP and Vista users will need to manually install the package.

Versions of Windows 8 and Windows 10 are not impacted.

How do I patch Windows devices with Automox?

Automox can keep you automatically patched even if you are using legacy systems with limited updates or support. Due to the limited support options available for systems older than Windows Server 2008 R2, Automox recommends that you set up a single Patch All or Patch Critical policy for these devices or look for opportunities to upgrade to Windows 10 or Windows Server 2019.

You can also find specific impacted systems from the Software page (if enabled). Log in to the console and click on the ‘Software’ icon found in the left navigation pane. In the search box on the ‘Software’ page, simply type KB4499164 or any other KB and hit enter. If devices are impacted, you will see a list of all impacted devices and versions, as well as information on severity and the associated CVE.

Screen Shot 2019-05-15 at 3.09.54 PM

Users on Windows XP and Vista will need to take extra steps to patch. Visit the Windows Update Catalog to manually install the package to any XP device.

Automox can help ensure your systems are adequately patched in a timely manner in order to protect your organization against any vulnerability such as Windows discussed here in detail. As a best practice, you should always ensure that you have at least one patch policy assigned to all of your devices for Critical, Medium, and Low severity patches. These updates are generally Security and Cumulative software updates. Automox is designed to automate your response to zero-day vulnerabilities like this and others across the Windows, MacOS, and Linux operating systems.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.