Microsoft released this month's edition of Patch Tuesday with fix for a highly critical vulnerability. This vulnerability (CVE-2019-0708), dubbed "Wormable vulnerability",  resides in "Remote Desktop Services" component and could be exploited remotely by sending specially crafted requests over RDP(Remote Desktop Protocol) to a targeted system.  This vulnerability is present in Windows 7, Windows Server 2008 R2, Windows Server 2008 and in older versions like Windows XP and Windows 2003 as well. 

 

ManageEngine Desktop Central now supports installation of these patches.

 

Name of the Vulnerability: Wormable vulnerability

CVE ID : CVE-2019-0708

Severity : Highly Critical

CVSS score : 9.8

Vulnerable OSes : Windows XP, Windows 2003, Windows 7, Windows Server 2008 R2, Windows Server 2008.

Exploitation status : Not exploited

 

ManageEngine highly recommends its users to install the latest patches to secure the endpoints from 'Wormable vulnerability'. 

 

You can install the latest patches by looking for Patch IDs for respective applicable OSes

 

Patch ID - Applicable OS

26733 - Windows server 2003

26734 - Windows server 2003

26731 - Windows XP 32 bit

26654 - Windows server 2008

26653 - Windows server 2008 32 bit

26655 - Windows server 2008R2

26657 - Windows 7 64 bit

26656 - Windows 7 32 bit

26673 - Windows server 2008 64 bit

26672 - Windows server 2008 32 bit

26674 - Windows server 2008 R2

26676 - Windows 7 64 bit

26675 - Windows 7 32 bit

 

Prerequisites for patching Windows XP machines via Desktop Central: