IDG Contributor Network: Critical updates to IE and Windows, make for an urgent May Patch Tuesday

Spread the love

I don’t understand the reasoning behind Microsoft’s rating of important for the RDS vulnerability. This vulnerability (CVE-2019-0863) should be a considered a zero-day security issue as it has been publicly disclosed and reported as exploited in the wild.

Even worse, the RDS security issue is a pre-authentication vulnerability, meaning as user does not have to be logged in to be vulnerable. Although creating a “wormable” attack is complex and requires significant skills, there are millions of RDP end-points published on the internet – expect a serious attack in the next few days.

To read this article in full, please click here

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *