Microsoft has just released a fix for Remote Desktop Services vulnerabilities, including two serious remote code execution (RCE) vulnerabilities, namely CVE-2019-1181 and CVE-2019-1182 . Before repair "BlueKeep" Vulnerability (CVE-2019-0708) is similar , these two vulnerabilities also allow malicious software spread like worms, that means that any malware that exploit these vulnerabilities are likely vulnerable computer the spread between, without the need for user interaction.
Affected versions of Windows include : Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 as well as all supported versions of Windows 10, including server version.
Windows XP, Windows Server 2003 and Windows Server 2008 are not affected, the Remote Desktop Protocol (RDP) itself is not affected.
Microsoft said there was no evidence that any third party is aware of these vulnerabilities, but because of the higher risks associated with these worms, vulnerabilities, and therefore security patches as soon as possible to the affected system is very important, have enabled automatic updates of Windows 10 users will be protection. For those who choose to manually update, they can click the search button and type "Windows Update" to access the update tool.
Finally, Microsoft recommends that Windows users follow the prompts to install security updates as soon as possible for the system.