The German Federal Office for Information Security (BSI) has issued a press release on a critical vulnerability in the Remote Desktop Services of some Windows versions that can be exploited remotely and without authentication.
Microsoft closed the vulnerability with the CVE-201
CVE-2019-0708 affects all Windows client and server versions up to and including Windows 7 and Windows Server 2008, but not Windows 8 and 10.
Microsoft confirms BSI's assessment in its own security advisory: CVE-2019-0708 is indeed "wormable".
Risk of automated malware spread
To illustrate the threat posed by the vulnerability, the press release quotes BSI President Arne Schönbohm: "This critical vulnerability can lead to attacks as devastating as those we had to experience with WannaCry in 2017." In May 2017, the WannaCry ransomware paralyzed hundreds of thousands of Windows systems and hit the infrastructure of large corporations and public authorities. Among other things, it spread like a classic computer worm from one networked computer to the next by exploiting known vulnerabilities.
No active exploitation observed yet
To date, neither BSI nor Microsoft has seen a case in which the vulnerability was actually being exploited. But both agree that this will probably change soon.
Users of potentially vulnerable systems should update them immediately. Anyone running versions of Windows that Microsoft no longer supports, such as XP or Server 2003, may have to download the updates manually. Microsoft's security advisory provides links to all available downloads.
BSI also recommends disabling Remote Desktop Services where they are not needed. Otherwise, inbound connections should be restricted to specific network segments or addresses, and remote desktop protocol connections should be logged so that they can be audited.
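The following script is an added example that turns the three BSI recommendations above into administrator commands; it is not part of the BSI press release or of Microsoft's advisory. It assumes an elevated PowerShell session on the host being hardened, and the subnet 10.0.5.0/24 is a constructed placeholder for the management network that is still allowed to reach RDP. It deliberately uses the netsh firewall commands rather than the NetSecurity cmdlets, because those cmdlets only exist from Windows 8 / Server 2012 onwards and are therefore missing on exactly the affected versions.

```powershell
# Added example, not from the BSI or Microsoft text: check, restrict and log
# Remote Desktop exposure on one Windows host. Run in an elevated PowerShell.
# 10.0.5.0/24 is a constructed placeholder; replace it with your own management subnet.
param(
    [string]$AllowedRemoteIp = "10.0.5.0/24",   # constructed placeholder subnet
    [switch]$DisableRdp                          # pass when RDP is not needed on this host
)

$tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

# 1. Is Remote Desktop enabled at all? fDenyTSConnections = 0 means connections are accepted.
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
if ($deny -eq 0) { Write-Host "Remote Desktop is ENABLED on this host." }
else             { Write-Host "Remote Desktop is disabled on this host." }

if ($DisableRdp) {
    # 2a. Not used: refuse connections and switch off the inbound "Remote Desktop" firewall rules.
    Set-ItemProperty -Path $tsKey -Name fDenyTSConnections -Value 1
    netsh advfirewall firewall set rule group="remote desktop" new enable=no | Out-Null
    Write-Host "Remote Desktop disabled and inbound RDP firewall rules turned off."
}
else {
    # 2b. Still needed: limit the inbound "Remote Desktop" rules to the allowed addresses only,
    #     so that the listener is no longer reachable from the Internet or from other segments.
    netsh advfirewall firewall set rule group="remote desktop" new remoteip=$AllowedRemoteIp | Out-Null
    Write-Host "Inbound RDP limited to $AllowedRemoteIp."
}

# 3. Logging: record allowed and dropped connections in the Windows Firewall log ...
netsh advfirewall set allprofiles logging allowedconnections enable | Out-Null
netsh advfirewall set allprofiles logging droppedconnections enable | Out-Null

# ... make sure the RDP connection manager log is enabled, and list the most recent
# inbound connection attempts (event 1149 records the source address of each client
# that reached the RDP listener) so they can be reviewed against the allowed subnet.
$rdpLog = 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational'
wevtutil set-log $rdpLog /enabled:true | Out-Null
Get-WinEvent -FilterHashtable @{ LogName = $rdpLog; Id = 1149 } -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-Table -AutoSize -Wrap
```

Run it once without parameters to see whether RDP is on and to tighten the firewall rules, or with `-DisableRdp` on hosts that do not need remote desktop at all. Restricting the firewall rules is a workaround, not a fix: the script does not replace installing the Microsoft update, and any source address in the 1149 events that lies outside the allowed subnet is worth a closer look.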