CYBER NEWS

CVE-2019-1181: Microsoft Windows BlueKeep-like Vulnerabilities Found

Microsoft Windows users should be well aware that a series of dangerous vulnerabilities has recently been detected. There are four of them and they appear to be very similar to the BlueKeep flaw that we reported on earlier. These bugs allow malicious actors to carry out Remote Desktop Protocol (RDP) attacks and take over control of the target computers. The flaws are particularly dangerous as they allow easy access into thousands of hosts worldwide.




CVE-2019-1181: The Four BlueKeep-like Vulnerabilities Can Be Used in Global Attacks

Thousands of Microsoft Windows users are at risk of being hacked due to a new set of vulnerabilities that have just been announced. Reports indicate that they are labeled as BlueKeep-like because they abuse a flaw in the Remote Desktop Protocol (RDP) used to carry out remote login sessions. This is particularly worrying in company networks, where the hackers can easily penetrate several hosts at once.

The attacks can be done by using a special hacking tool that is capable of carrying out active RDP scanning against IP ranges. If an unpatched system is detected, the tool will instantly test the host against the vulnerabilities. No user interaction is required to exploit the flaws.

Related:
CVE-2019-0708: BlueKeep Vulnerability Leveraged Against Hospitals

The worrying factor is that the vulnerabilities affect many versions of the Microsoft Windows operating system:

Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008

The four vulnerabilities that are part of this collection include the following:

  • CVE-2019-1181 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1182 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1222 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • CVE-2019-1226 — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

At the moment there are no known impacted systems or attacks in the wild. Rather than merely making it possible to take over control of the systems with a Trojan, the BlueKeep-like vulnerabilities can be used to implant dangerous threats such as ransomware or cryptocurrency miners, among others. Microsoft has released security updates that should be applied as soon as possible to prevent any possible hacker abuse.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
