Voicemod

Voicemod

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

FULL VERSION + CRACK
Flvto Youtube Downloader

Flvto Youtube Downloader

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

FULL VERSION + CRACK
Soni Typing Tutor

Soni Typing Tutor

Improve your typing speed with the help of this approachable application that provides you with a host of exercises as well as tests

FULL VERSION + CRACK
Dolby Access

Dolby Access

Take advantage of stunning sound quality and realism in your multimedia experiences, with sound that surrounds you with the help of this app that gives you a free trial of Dolby Atmos.

FULL VERSION + CRACK
Studio 3T for MongoDB

Studio 3T for MongoDB

Manage MongoDB databases with the help of this user-friendly and efficient application that offers a comprehensive set of advanced tools for the job

FULL VERSION + CRACK

IT News

May 24
Firefox 67 for Windows, macOS and Linux patches 21 security flaws, boasts a speed boost and includes new settings to better protect user privacy.
May 23
Dropping hardware prices, 5G boost business internet-of-things deployments; technical complexity encourages partnerships.
May 23
In the wake of last fall's Windows 10 rollout debacle, Microsoft put the follow-up version through additional testing. For enterprises, Windows 10 1903 is now ready for 'targeted deployment.'
May 22
The developer has released the first public preview of its revamped Edge browser for macOS, with a more stable version coming 'soon.'
May 22
Google renews its focus on enterprise augmented reality with the Glass Enterprise Edition 2; it packs a better camera and faster processor.
May 21
Windows 10 1809 - the ill-fated version initially launched last fall - powered just 29% of surveyed Windows 10 systems as of late April. It's a clear sign that Microsoft has largely stopped pushing 1809 to users.
May 21
HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication.

Categories

Microsoft urges Windows customers to patch wormable RDP flaw

Microsoft has fixed a critical vulnerability in some versions of Windows that can be exploited to create a powerful worm. The company even took the unusual step of releasing patches for Windows XP and Windows Server 2003, which haven't been supported in years, because it believes the threat to be very high.

The vulnerability, tracked as CVE-2019-0708, is located in Remote Desktop Services, formerly known as Terminal Services. This component handles connections over the Remote Desktop Protocol (RDP), a widely used protocol for remotely managing Windows systems on corporate networks.

What makes the vulnerability so dangerous is that it can be exploited remotely with no authentication or user interaction by simply sending a maliciously crafted RDP request to a vulnerable system. A successful attack can result in malicious code being executed on the system with full user rights, giving attackers the ability to install programs, modify or delete user data and even to create new accounts.

"In other words, the vulnerability is 'wormable', meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017," Simon Pope, director of Incident Response at the Microsoft Security Response Center, said in a blog post. "While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware."

WannaCry did not exploit a vulnerability in RDP, but in Microsoft's implementation of SMB, a file sharing and authentication protocol that's used on all Windows networks and is enabled by default. While the attacks are different, Pope's analogy to WannaCry is based on the ease of exploitation -- remotely with no authentication -- and the popularity of both protocols.

RDP has been a popular infection vector for malware threats in the past, particularly for ransomware, cryptominers and point-of-sale memory scrapers. Attackers typically steal or bruteforce RDP credentials in order to gain access to systems.

Earlier this year, the FBI shut down an underground marketplace called xDedic that was used to sell RDP access to tens of thousands of compromised servers over the course of several years. The prices ranged from $6 to $10,000, based on a server's geographic location, operating system and other criteria. This new RDP vulnerability would provide attackers with such access for free to an even larger number of servers and systems.

Legacy Windows systems at risk

The vulnerability affects Remote Desktop Services in Windows 7, Windows Server 2008 R2 and Windows Server 2008, as well as in legacy Windows versions that have reached end of life. In addition to supported Windows versions, Microsoft decided to release security updates for Windows XP, Windows XP Embedded and Windows Server 2003, probably because these Windows versions are still widely used in legacy environments and on specialized equipment like ATMs, medical devices, self-service kiosks, point-of-sale terminals and more.

It's worth noting that the destructive WannaCry and NotPetya ransomware worms both exploited known vulnerabilities that had patches available when they hit, yet the attacks still disrupted normal operations in hospitals, production plants, ports, railways and many businesses around the world. That's because many legacy systems and devices are used to run critical processes, so even when patches are available, their owners might not apply them for a very long time because they can't afford the downtime.

In the absence of immediate patching, the owners of such systems should take a more defense-in-depth approach by putting these devices on isolated network segments, disabling services that are not needed and using secure VPN solutions to access them remotely.

"Disable Remote Desktop Services if they are not required," Microsoft said in its advisory. "If you no longer need these services on your system, consider disabling them as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities."

Microsoft also suggests two workarounds for blocking attacks that might target this RDP vulnerability: Enabling Network Level Authentication (NLA) on systems running supported editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2; and blocking TCP port 3389 at the enterprise perimeter firewall to prevent attacks that originate from the internet.

This story, "Microsoft urges Windows customers to patch wormable RDP flaw" was originally published by CSO.