Microsoft have released a set of security patches for two new vulnerabilities their team have discovered which affect Remote Desktop Services. These two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182 are wormable, meaning they could spread within your network without any interaction from your users.

The systems affected are:

• Windows 7 SP1
• Windows Server 2008 R2 SP1
• Windows Server 2012
• Windows 8.1
• Windows Server 2012 R2
• Windows 10

At the moment, Microsoft do not believe that these vulnerabilities have yet been exploited by any third party. However, they advise that the affected systems should be patched quickly.

RedMosquito provide automated patch management to our IT Support customers throughout Scotland. Our customers all have peace of mind that their systems are fully protected from emerging threats as we work behind the scenes to apply all security updates to the SMEs we support, mitigating the risk associated with these and other issues.

With several key Microsoft products reaching end of life in January 2020, these releases highlight the importance of upgrading your operating systems before this date. The two main products are Windows 7 and Windows Server 2008 & 2008 R2. From January 2020, no security patches will be released so these products will expose your network to cyber security threats. It is vital that you upgrade your systems before that date. We have been supporting our customers through planned migrations to new systems throughout 2019. If you would like advice or support in this area, we are happy to help. You can contact us today for a chat with one of our Technical Consultants.

RedMosquito provide IT Support to SMEs in Glasgow, Edinburgh and throughout Scotland.