In the last 24 hours, Critical Path Security has seen a couple of critical vulnerabilities that could affect your IT infrastructure and employee communication streams.
Here is what you need to know:
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
Remote code execution vulnerabilities are considered to be the most effective means of breaching networks and spreading malware. It allows an adversary to compromise systems with relative ease. In most cases, this can result in circumvention of perimeter security technologies protecting internal corporate networks from attackers on the public Internet.
Microsoft has released a patch which fixes a serious remote desktop services remote code execution vulnerability (CVE-2019-0708). This vulnerability affects Windows XP, Vista, 7, Server 2003 and Server 2008. The patch has been made available to currently supported operating systems, which are Windows 7 and Windows Server 2008.
In a rare move, Microsoft is also releasing update for Windows XP and Server 2003.
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Additionally, Critical Path Security suggests turning off remote desktop services on Microsoft Window XP, Vista and Server 2003 to reduce the attack surface available to an attacker. If this is not possible, ensure that Network Level Authentication (NLA) is enabled on unsupported systems, and that remote desktop services (TCP port 3389) is not exposed to the public facing Internet.
The WhatsApp Vulnerability
WhatsApp is an extremely popular multi-device messaging application. WhatsApp users send approximately 65B messages and make 2B minutes worth of phone calls, per day. On May 14, 2019 Facebook/WhatsApp disclosed that it had suffered a critical vulnerability, where attackers are able to install spyware onto victims' phones. This enables attackers to monitor and record all activity. No user interaction, such as clicking a link, or answering a call, is necessary for an attacker to install their spyware.
The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.
It is recommended that users update WhatsApp to the latest version.
Please do not hesitate to contact support@criticalpathsecurity.com with any questions.