Hello, welcome to the Wednesday, May 15th, 2019 edition of the Santernat Storm Center's

Stormcast. My name is Johannes Ulrich, and today I'm recording from San Diego, California.

Today, Microsoft released its monthly set of patches among the 79 vulnerabilities patch.

Well, 23 are rated as critical and two have been known before the patch was released.

Now, one of these two vulnerabilities has been used in exploits already.

But the vulnerability that's getting probably the most attention is C2. been used in exploits already.

But the vulnerability that's getting probably the most attention is CVE 2019 0708.

This vulnerability is a problem in the remote desktop services.

Now it doesn't affect Windows 10. It only affects some of the older

operating systems like Windows 7 and earlier, Windows Server 2008, as well as 2008 R2. It goes even as

far back as Windows XP and Windows 2003.

Now usually Microsoft, of course, no longer really makes any statements regarding these older operating systems like Windows XP, but due to the severity of this particular issue, Microsoft has actually released a special patch for these

legacy operating systems. You can get this patch for free from Microsoft, so it's not something

that you have to pay some special extended service fee for. An exploit for this vulnerability should not require any user interaction, so this makes this

a warmable vulnerability if the RDP service is enabled.

Maybe worthwhile to scan your network for any systems that have the RDP service enabled that

shouldn't have it enabled. Usually not a great idea to leave the service exposed anyway,

even without this vulnerability. Another interesting vulnerability is CVE 2019-0725.

Well, yet another DHCP client vulnerability.

Haven't really seen any details here yet.

It's sort of interesting that this is the fourth

DHCP client-related vulnerability that Microsoft is patching just this year. Have been looking at this since there have been so many of these vulnerabilities, all for a sudden.

...