HomeWinBuzzer NewsMicrosoft Fixes Two Remote Desktop Services “Wormable” Flaws

Microsoft Fixes Two Remote Desktop Services “Wormable” Flaws

As part of the Patch Tuesday, Microsoft issued fixes for Remote Desktop Services flaws that are similar to BlueKeep and WannaCry.


's August cumulative updates were rolled out yesterday. Included alongside the updates were fixes for two vulnerabilities related to Windows Remote Desktop Services. Microsoft has previously described the flaws as wormable, meaning malware could infect machines and networks without user interaction.

In its update for CVE-2019-1181 and CVE-2019-1182, Microsoft says the vulnerabilities are similar to BlueKeep. If you are unfamiliar with , it is a dangerous vulnerability because it can be executed by bad actors remotely. It is located in Remote Desktop Services on older Windows legacy builds such as Windows 7, Windows XP, AND Server 2003 and 2008.

However, the pair of flaws patched this week are slightly different to BlueKeep because they affect Remote Desktop Services (RDS) and not Remote Desktop Protocol (RDP).

Microsoft discovered the flaws in-house during a review of Remote Desktop Services security. The company says no exploits have been observed in the wild.


The updates are available for users running Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 and all versions of Windows 10. Other Windows versions, such as XP, are not affected.

“There is partial mitigation on affected systems that have Network Level Authentication (NLA) enabled. The affected systems are mitigated against ‘wormable' malware or advanced malware threats that could exploit the vulnerability. As NLA requires authentication before the vulnerability can be triggered. However, affected systems are still vulnerable to Remote Code Execution (RCE) exploitation if the attacker has valid credentials that can be used to successfully authenticate.”

In its notes, Microsoft says users and organizations should update immediately to protect against attacks. Those updates are available from the company's Security Update Guide here.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News