Bug in Microsoft RDP allows hackers perform WannaCry level attack


A critical remote execution vulnerability in Microsoft remote desktop services enables let attackers compromise the vulnerable system with WannaCry level malware.

Microsoft recently fixed this RCE vulnerability in Remote Desktop Services – formerly known as Terminal Services, and it’s affected some of the old version of Windows.

A WannaCry attack was one of the notorious cyber attacks in this decade, and it shut down million of computer around the world by exploiting the vulnerability in the RDP protocol.

In this case, Remote Desktop Protocol (RDP) itself is not vulnerable, but attackers need to perform pre-authentication, and it doesn’t require user interaction.

This vulnerability didn’t have any exploit at this time, but in the future, an attacker will create a malware that exploits this vulnerability in a similar way of WannaCry attack.

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008 and also out of support versions Windows 2003 and Windows XP.

3 Million Endpoints are Vulnerable to This RCE Bug

Initially, an unauthenticated attacker will send the specially crafted malicious request to the vulnerable systems after they establish a connection through RDP.

According to Microsoft, This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An Independent researcher Kevin Beaumont said, based on the Shodan search engine, around 3 million RDP endpoints are directly exposed to the internet.

“There is partial mitigation on affected systems that have Network Level Authentication (NLA) enabled. The affected systems are mitigated against ‘wormable’ malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered.” Microsoft said.

According to Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC) “Customers running Windows 8 and Windows 10 are not affected by this vulnerability”.

U.S. Supreme Court Allows App Store Monopoly Lawsuit to Go Forward

The United States Supreme Court is allowing an antitrust lawsuit against Apple ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/apple-supreme-court/) to proceed.

According to a new report ^(https://www.appmarsh.com/link/https://www.cnbc.com/2019/05/13/supreme-court-rules-against-apple-in-app-store-antitrust-case.html) from CNBC, the United States Supreme Court ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/apple-supreme-court/) ruled Monday that a group of iPhone users can move forward with their suit against Apple over allegations the company has built an illegal monopoly on the sale of applications for the smartphone.

The justices, in a 5-4 ruling, upheld a lower court’s decision to allow the proposed class action lawsuit to proceed ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/apple-supreme-court-app-store/). The plaintiffs said the Cupertino, California-based company required apps to be sold through its App Store and extracted an excessive 30% commission on purchases.

“Apple’s alleged anticompetitive conduct may leave Apple subject to multiple suits by different plaintiffs,” the Court noted in its ruling.

Apple does not allow customers to download apps from any other source other than the App Store ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/game-app-store/). Unlike Android, iOS customers can only get apps from that official source, which Apple says serves as a kind of quality control to weed out security threats and apps that violate the company’s terms of service.

Conservative Justice Brett Kavanaugh, an appointee of President Donald Trump ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/trump-iphone-russia-china/), joined the court’s four liberal justices to rule against Apple.

“Apple’s line-drawing does not make a lot of sense, other than as a way to gerrymander Apple out of this and similar lawsuits,” Kavanaugh wrote, rejecting Apple’s defense. “In particular, we fail to see why the form of the upstream arrangement between the manufacturer or supplier and the retailer should determine whether a monopolistic retailer can be sued by a downstream consumer who has purchased a good or service directly from the retailer and has paid a higher-than-competitive price because of the retailer’s unlawful monopolistic conduct. As the Court of Appeals aptly stated, ‘the distinction between a markup and a commission is immaterial.’”

The Supreme Court did not rule on the customers’ likelihood of success — only that they have the right to sue. Apple ^(https://www.appmarsh.com/link/https://www.appmarsh.ca/news/apple-card-packaging/) argued that it was not a monopoly, rather a platform for app developers who can set their own prices. It has said that if the court allowed the case to proceed, it could potentially disrupt the e-commerce market. For Apple, hundreds of millions of dollars in penalties could hang on the outcome.