Microsoft have advised that there are critical vulnerabilities in Remote Desktop Services (RDS) that are wormable. Wormable means that the exploit could, in theory, be used not only to break into one computer but also to spread itself onwards from there. Worms are the cause of many cyber headaches: they can easily replicate themselves and spread malware to other computers in your network.
These new vulnerabilities can be exploited without user interaction by sending a specially crafted protocol message to RDS. Once in, an attacker could install programs, change or delete data, and create new accounts with full rights.
Q: How can this be resolved?
A: To protect against BlueKeep, we strongly recommend you apply the Windows Update, which includes a patch for the vulnerability. If you use Remote Desktop in your environment, it’s very important to apply all the updates. If you have Remote Desktop Protocol (RDP) listening on the internet, we also strongly encourage you to move the RDP listener behind some type of second-factor authentication, such as a VPN, SSL tunnel, or RDP gateway.
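To see where a given Windows host stands against the two recommendations above, the following PowerShell audit reports whether RDP is enabled, which port it listens on, which inbound firewall rules allow that port from any remote address, and when the last update was installed. This is an added example, not code from Microsoft or from the original page; the function name `Get-RdpExposure` and the output field names are assumptions chosen for illustration.

```powershell
# Added example: local audit of RDP exposure on one Windows host (run elevated).
# Get-RdpExposure is a hypothetical helper name, not a built-in cmdlet.
function Get-RdpExposure {
    $ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

    # fDenyTSConnections = 0 means Remote Desktop connections are allowed
    $enabled = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections -eq 0

    # The listener port is configurable; 3389 is only the default
    $port = (Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp" -Name PortNumber).PortNumber

    # Is anything actually bound to that port right now?
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

    # Enabled inbound allow rules that cover the RDP port with no
    # restriction on the remote address (reachable from anywhere the
    # network path permits). Enumerating every rule can take a while.
    $openRules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
        Where-Object {
            $pf = $_ | Get-NetFirewallPortFilter
            $af = $_ | Get-NetFirewallAddressFilter
            ($pf.Protocol -in 'TCP', 'Any') -and
            ($pf.LocalPort -contains "$port" -or $pf.LocalPort -contains 'Any') -and
            ($af.RemoteAddress -contains 'Any')
        }

    # Most recently installed update, to compare against the date of the
    # advisory's patch (no KB number is assumed here)
    $last = Get-HotFix | Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending | Select-Object -First 1

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        RdpEnabled        = $enabled
        Port              = $port
        Listening         = $listening
        UnrestrictedRules = @($openRules | ForEach-Object DisplayName)
        LastHotFix        = $last.HotFixID
        LastHotFixDate    = $last.InstalledOn
    }
}

Get-RdpExposure | Format-List
```

A host that shows `RdpEnabled` and `Listening` as true with entries under `UnrestrictedRules` is a candidate for moving behind a VPN or gateway. The result reflects the host firewall only, so perimeter firewall and NAT rules still need to be checked separately.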
Contact our team to find out whether your business is affected by this and for more information on an RDS Gateway.