Patch or pay: super-critical Windows RDP flaw fixed
Posted on May 22, 2019
2 min read
Organisations should urgently apply a Windows update released by Microsoft last week, which fixes a severe vulnerability that hackers are actively attempting to attack.
You may have enabled RDP to allow functions like logging in to the office from home. If the service is active, attackers can send a special packet that grants them remote code execution.
Researchers say there are some three million RDP services exposed to the internet – each of which is at heightened risk of compromise.
Professional security researchers and hackers of ill intent are actively researching ways to exploit this vulnerability. Attacks have not surfaced as of the time of writing, but it is likely they will over coming days and weeks. Criminals are showing active interest in this flaw.
Microsoft releasing a patch for its long-since unsupported Windows XP operating system speaks to the severity of this vulnerability.
Our cybersecurity team at Telstra has worked hard to ensure our systems and those of our managed customers are patched.
We urge everyone in the community to prioritise this patch so that their data, and that of their customers, will remain protected.