CVE-2019-1181: Microsoft Windows BlueKeep-like Vulnerabilities Found

Microsoft Windows users should be aware that a number of dangerous vulnerabilities have recently been detected. There are four of them, and they appear to be very similar to the BlueKeep flaw on which we reported earlier. These bugs allow malicious actors to carry out Remote Desktop Protocol (RDP) attacks and take over control of the target computers. The flaws are particularly dangerous as they allow easy access into thousands of hosts worldwide.




CVE-2019-1181: The Four BlueKeep-like Vulnerabilities Can Be Used in Global Attacks

Thousands of Microsoft Windows users are at risk of being hacked due to a new set of vulnerabilities that have just been announced. Reports indicate that they are labeled BlueKeep-like because they abuse a flaw in the Remote Desktop Protocol (RDP) used to carry out remote login sessions. This is particularly worrying in company networks, where hackers can easily penetrate several hosts at once.

The attacks can be carried out with a special hacking tool that is capable of active RDP scanning against IP ranges. If an unpatched system is detected, the tool will instantly probe the hosts with the vulnerabilities. No user interaction is required to exploit the flaws.
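From the defender's side, the RDP scanning of IP ranges described above shows up in perimeter logs as one source touching TCP 3389 on many hosts in a short time. The following is an added example, not part of the original article; the log format, the addresses and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RDP_PORT = 3389

# Constructed sample log (timestamp, source, destination, dest port, action).
SAMPLE_LOG = """\
2019-08-14T10:00:01 203.0.113.50 10.0.0.11 3389 DENY
2019-08-14T10:00:02 203.0.113.50 10.0.0.12 3389 DENY
2019-08-14T10:00:03 203.0.113.50 10.0.0.13 3389 ALLOW
2019-08-14T10:00:04 203.0.113.50 10.0.0.14 3389 DENY
2019-08-14T10:00:05 203.0.113.50 10.0.0.15 3389 DENY
2019-08-14T10:00:06 203.0.113.50 10.0.0.16 3389 DENY
2019-08-14T10:01:00 10.0.0.5 10.0.0.11 3389 ALLOW
2019-08-14T10:02:00 10.0.0.5 10.0.0.12 3389 ALLOW
2019-08-14T08:00:00 198.51.100.7 10.0.0.11 3389 DENY
2019-08-14T09:00:00 198.51.100.7 10.0.0.12 3389 DENY
2019-08-14T10:30:00 198.51.100.7 10.0.0.13 3389 DENY
2019-08-14T12:00:00 198.51.100.7 10.0.0.14 3389 DENY
2019-08-14T14:00:00 198.51.100.7 10.0.0.15 3389 DENY
2019-08-14T10:00:07 203.0.113.50 10.0.0.11 443 ALLOW
truncated line
"""

def find_rdp_sweeps(log_text, min_hosts=5, window=timedelta(seconds=60)):
    """Map each source to the hosts it contacted on 3389, if it reached
    at least min_hosts distinct hosts inside one sliding time window."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        try:
            ts, src, dst, dport, _action = line.split()
            when, port = datetime.fromisoformat(ts), int(dport)
        except ValueError:
            continue  # skip blank or malformed lines
        if port == RDP_PORT:
            hits[src].append((when, dst))
    sweeps = {}
    for src, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window until it spans no more than `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            targets = {dst for _, dst in events[start:end + 1]}
            if len(targets) >= min_hosts:
                sweeps.setdefault(src, set()).update(targets)
    return {src: sorted(found) for src, found in sweeps.items()}
```

Any flagged source that received an ALLOW on 3389 points at a host whose RDP service is reachable from outside and should be patched or restricted first.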

Related:
CVE-2019-0708: BlueKeep Vulnerability Leveraged Against Hospitals

The worrying factor is that the vulnerabilities affect many versions of the Microsoft Windows operating system:

Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008

The four vulnerabilities that are part of this collection include the following:

  • CVE-2019-1181 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1182 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1222 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1226 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

At the moment there are no known impacted systems or attacks in the wild. Beyond merely making it possible to take over control of the systems with a Trojan, the BlueKeep-like vulnerabilities can be used to implant dangerous threats such as ransomware or cryptocurrency miners, among others. Microsoft has released security updates, which should be applied as soon as possible to prevent any possible hacker abuse.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cybersecurity enthusiast, he enjoys writing about the latest threats and mechanisms of intrusion.
