New vulnerability affecting Windows 7 and earlier versions

29 May 2019 - 11:15

ICTS has been made aware of a new vulnerability affecting the Remote Desktop Service (RDS) on Windows 7, XP, Server 2003 and Server 2008. RDS allows you to access your UCT computer when you are off campus and logged into the UCT VPN, provided you previously set it up to do so.

Vulnerability impact

The attack takes place undetected using pre-authentication. Once connected to the device, the attacker can use it to spread malware and exploits, as well as install programs, view, change, or delete data, or create new accounts with full user rights.

What do I need to do?

Due to the severity of the vulnerability, Microsoft has released updates via the Microsoft Update Catalog and WSUS, despite some of the affected Windows versions no longer being supported.

If your computer is set up to accept updates via WSUS, it will automatically receive the update at 2pm today and be protected. Your Windows computer may be forcibly restarted to apply patches to the operating system.

If your computer is not set up to accept updates via WSUS, we encourage you to install the required update as soon as possible to ensure your machine as well as the UCT network remains protected. Once installed, follow these recommended remediations tips provided by Microsoft:

  • Disable Remote Desktop Services if not required
  • Regularly run a full anti-virus scan on your machine
  • Ensure the anti-virus on your machine is up-to-date
  • Keep your firewall turned on
    Note: This could affect the remote desktop functionality of your machine.