4th June 2019

FAQs - Microsoft Windows security vulnerability

Suite of computers
Hiscox has alerted us of a Microsoft issue believed to potentially affect over 1 million devices

 

The computer flaw identified by Microsoft as 'CVE-2019-0708', that affects some older versions of Microsoft Windows.

The vulnerable systems at risk include; Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows 2003 and Windows XP and the flaw is believed to potentially effect over 1 million devices.

For more information on the vulnerability and to download the security update from Microsoft’s website, click here

Hiscox has recently raised awareness of this vulnerability and provided answers to some questions you may have, below. 

What is CVE-2019-0708? CVE (Common Vulnerabilities and Exposures) is a list of publicly disclosed cyber security vulnerabilities and exposures. CVE-2019-0708 is a severe vulnerability in a feature called RDP found in older versions of Windows.

What is RDP? RDP (Remote Desktop Protocol) is a standard feature of older versions of Windows to allow a user to logon remotely to another windows machine. It's commonly used to connect to servers or other workstations located remotely (either in a data centre or another office location).

Which versions of Windows are affected? The full list of systems affected versions are here. This list includes Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows 2003 and Windows XP

How serious is this? All vulnerabilities are ranked on the CVE scale of 1-10. This vulnerability is a 9.8 on the scale so it is deemed very serious. It also requires no user interaction or password to enter a system. An attacker who has successfully exploited this vulnerability would have complete access to a compromised system.

Is there currently an exploit for this vulnerability? At present a number of security research companies claim to have a working exploit for this, but none of them have released it. However the well-respected SANS institute in the US published guidance a week ago that stated “exploit development is active, and I don't think you have more than a week.”

How can I check which version of Windows I'm running? Microsoft provide a simple tool built into every version of Windows to check – click here for their instructions on how to run it.

What does ‘wormable’ mean? This term means this vulnerability could propagate from vulnerable computer to vulnerable computer by replicating copies of itself without the need for a host program or human interaction. A good example of a computer worm is the WannaCry malware that spread across the globe in 2017, infecting over 200,000 computers in a couple of days and having significant impact to services at a number of high-profile organisations.

What happens if the new security update isn't installed? If you don't install the new security patch, your Windows system, and eventually entire network, is at risk of being exploited. This vulnerability is the most severe type, which would allow an attacker to run their code on your machines. This means they can steal your data, use your machines to attack other companies or wipe and/or disable your machines.

How can I apply the update? Follow Microsoft’s instructions here . We strongly suggest you apply the update on a test or less critical service before rolling it out more widely.

What should I do if I have a Mac? Mac computers are not vulnerable to this particular vulnerability, but we would encourage you to keep all devices patched and up to date.

*Source - Hiscox - 31st May 2019

At Aston Lark, we are committed to helping our clients reduce their cyber risk exposure and would highly recommend you update your systems. If you would like any further information regarding cyber risk protection, get in touch with our cyber team today on 020 7543 2806 or cyber@astonlark.com.