Microsoft released this month's edition of Patch Tuesday with fix for a highly critical vulnerability. This vulnerability (CVE-2019-0708), dubbed "Wormable vulnerability", resides in "Remote Desktop Services" component and could be exploited remotely by sending specially crafted requests over RDP(Remote Desktop Protocol) to a targeted system. This vulnerability is present in Windows 7, Windows Server 2008 R2, Windows Server 2008 and in older versions like Windows XP and Windows 2003 as well.
ManageEngine Patch Manager Plus now supports installation of these patches.
Name of the Vulnerability: Wormable vulnerability
CVE ID : CVE-2019-0708
Severity : Highly Critical
CVSS score : 9.8
Vulnerable OSes : Windows XP, Windows 2003, Windows 7, Windows Server 2008 R2, Windows Server 2008.
Exploitation status : Not exploited
ManageEngine highly recommends its users to install the latest patches to secure the endpoints from 'Wormable vulnerability'.
You can install the latest patches by looking for Patch IDs for respective applicable OSes
Patch ID - Applicable OS
26732 - Windows server 2003 64 bit
26733 - Windows server 2003
26734 - Windows server 2003
26731 - Windows XP 32 bit
26654 - Windows server 2008
26653 - Windows server 2008 32 bit
26655 - Windows server 2008R2
26657 - Windows 7 64 bit
26656 - Windows 7 32 bit
26673 - Windows server 2008 64 bit
26672 - Windows server 2008 32 bit
26674 - Windows server 2008 R2
26676 - Windows 7 64 bit
26675 - Windows 7 32 bit
Prerequisites for patching Windows XP machines via Patch Manager Plus :
Follow the knowledge base document to know about the prerequisites for patching machines that run Windows XP.