This month's Patch Tuesday release contains updates for nearly 80 CVEs including a patch for a critical remote code execution in Remote Desktop Services (RDP) as well as an elevation of privilege vulnerability in Windows Error Reporting that has been exploited in the wild.
CVE-2019-0708 is a critical Remote Desktop Services Remote Code Execution vulnerability. An unauthenticated attacker targeting vulnerable systems with Remote Desktop Protocol (RDP) enabled could exploit this flaw to gain remote code execution. It is highly likely that this vulnerability will be exploited in the wild in the near future as attackers develop exploit code. It is critically important for organizations and system administrators to apply patches as soon as possible to reduce their risk of compromise. While the advisory lists Windows 7,Windows Server 2008 and Windows Server 2008 R2 as affected, Microsoft is also releasing updates for out-of-support systems including Windows XP and Windows 2003.
"Microsoft also released a patch for CVE-2019-0863 which is an Elevation of Privilege vulnerability in Windows Error Reporting (WER). This flaw has been exploited in the wild and requires an attacker to already have access to the victim's system. The exploitation of this vulnerability could lead to arbitrary code execution in kernel mode, which is typically reserved for trusted functions of the operating system," said Satnam Narang, Senior Research Engineer at Tenable.
