Microsoft CVE-2019-0887: Remote Desktop Services Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services. The update addresses the vulnerability by correcting how Remote Desktop Services handles clipboard redirection.
Solution(s)
- msft-kb4507435-3adf123b-b79a-4c3b-8ca8-12d1ae6dd2fd
- msft-kb4507435-3c7e1698-7296-4ec8-90b1-8607410972c7
- msft-kb4507435-7b795c0d-b4d5-49ed-94be-687e9c81fea8
- msft-kb4507450-7ab77e94-f8ab-419f-974f-506fdfefead9
- msft-kb4507450-9e6233c8-7cce-4449-a4a4-73f02aa89c3d
- msft-kb4507453-2e93d988-166a-4edf-811b-6bef2091599d
- msft-kb4507453-8cedcb21-0200-433d-b32d-2d5ef741adec
- msft-kb4507453-cf588052-676f-4530-8369-43c798c0c9e0
- msft-kb4507455-b5c00614-8763-4439-9172-99e0d79b654c
- msft-kb4507455-f708139b-3f47-4084-91aa-64c7b43f9c1b
- msft-kb4507456-256714d3-2030-469c-8c6a-f30ff5ea5a10
- msft-kb4507456-5c94bfe0-3546-493d-8de2-61342cbf5b96
- msft-kb4507456-7cdee6a8-6f30-423e-b02c-3453e14e3a6e
- msft-kb4507456-8ef94183-d630-48d8-8a60-d1a66f5bf53d
- msft-kb4507456-a1f24376-4aff-404e-bb04-f6d00686d6dc
- msft-kb4507456-df8085cf-9e2a-463b-92f3-e8c2dd920fe0
- msft-kb4507457-3848287d-d32e-4e7b-b6a1-798ba1329599
- msft-kb4507457-66318eca-fd0b-4e3e-b0f6-b0992e0f5d7c
- msft-kb4507457-d8ac2164-d4d1-442d-adfa-0b5a886bd8c0
- msft-kb4507458-138c1b7d-e52b-426f-9880-faed31e298dd
- msft-kb4507458-6cc21b8f-e92c-4406-872c-c5964a38af75
- msft-kb4507460-4b7e8790-e16d-4c77-b790-c08045983154
- msft-kb4507460-a528e8a9-d68e-4d64-91dd-65db127836ec
- msft-kb4507460-a9da78d9-858d-4639-b819-1723d2051c39
- msft-kb4507461-585d930e-fe25-4ca6-ad2f-8ec034309c40
- msft-kb4507461-6e49345e-8807-48dd-be6d-fb5433bcddcd
- msft-kb4507461-f8662637-4580-4357-90a2-1e71f6c51021
- msft-kb4507464-53bbafce-c9f3-4c30-aeff-c2ffb48b3773
- msft-kb4507464-7ff2664d-6c32-4479-ba6d-3f8822f8128d
- msft-kb4507464-a4fb9a27-eaf9-4ace-8ae1-31cd7b5621d7
- msft-kb4507469-0784bfeb-5c3f-413c-8a87-494c8cca5348
- msft-kb4507469-7d86f1ff-3201-412f-b6f3-fa4aac792617
- msft-kb4507469-f95e51b9-03a6-4d85-aae7-86e48b69c96a
- msft-kb5008215-d657015b-8ec8-49ea-9802-6ba83ab978e2
- msft-kb5008223-1324279d-a751-4486-8da9-0156f58bc58b
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center