Not rendering correctly? View this email as a web page here.
9-1-1 Cyber Alert
Alert: Microsoft RDP Flaw Requires Patch

On May 14th, Microsoft released a patch for CVE-2019-0708, a serious flaw in Remote Desktop (RDP) which allows an outsider to gain full access to a Windows machine without any authentication by sending malformed packets to a listening RDP server. This vulnerability has recently been dubbed "BlueKeep." It has been rumored that there may be an active exploit being sold on the dark web. This exploit has also been described as "wormable" which means we could see an outbreak on a similar level as Wannacry in the very near future. This is a matter of utmost importance to the safety of our networks!

All Microsoft Windows machines should apply their security fixes from Windows Update as soon as possible, especially if Remote Desktop is enabled. This means servers, workstations, and IoT running Windows. Microsoft has even released a fix for older Windows which have reached EOL, like XP and Server 2003 called KB4500705. https://support.microsoft.com/help/4500705 

If patches cannot be applied in a timely fashion it is recommended that RDP be shut off until the patch can be applied.

As always, SecuLore recommends that any RDP servers be used internal to networks only--that is, never open TCP 3389 to the Internet without first whitelisting intended outside hosts. RDP has a long history of serious vulnerabilities and this latest one is one of the worst. Using a VPN for remote access into a trusted network prior to using other remote access methodologies such as RDP is a good strategy.

Other Resources:

Stay cyber-safe,

SecuLore Support Team

 

SecuLore Solutions is a Public Safety company focused on cybersecurity - if you have concerns about your network, please contact us at info@SecuLore.com or visit us at www.SecuLore.com

Follow us on Twitter Follow us on Linkedin Follow us on Facebook