1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. OS Attack: Microsoft Windows Remote Desktop Services RCE CVE-2019-0708

OS Attack: Microsoft Windows Remote Desktop Services RCE CVE-2019-0708

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Microsoft Windows Remote Desktop Services.

Additional Information

Remote Desktop Services (formerly known as Terminal Services) is the components of Microsoft Windows that allow a user to take control of a remote computer or virtual machine over a network connection.

Microsoft Windows is prone to a remote code-execution vulnerability. Specifically, this issue exists in the Remote Desktop Services. An attacker can exploit this issue by connecting to the target system using 'RDP' and sends specially crafted requests.

Note: To exploit this issue, an attacker needs to send a specially crafted request to the target systems Remote Desktop Service through RDP. This issue requires no user interaction.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions.

Affected

  • Various Windows Platforms.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube