ALERTS

Critical Windows Remote Desktop Flaw

Microsoft patched a critical Remote Code Execution (RCE) vulnerability found in the Remote Desktop Services (RDS) platform which can allow malicious persons to create malware designed to propagate between computers running vulnerable RDS installations.
 
Affected supported versions of Windows:

• Windows 7


• Windows Server 2008


• Windows Server 2008 R2

Out-of-support Windows versions, such as Windows XP and Windows Server 2003, are also affected by the critical vulnerability. Users of these Windows versions need to either upgrade to newer releases or to apply the Windows security updates available via KB4500705.
 
Customers who use a supported version of Windows and have automatic updates configured to automatically install should be protected.  Windows 8 and Windows 10 users are not impacted by the vulnerability because of the strengthened security provided with these latest Windows releases.
 
Microsoft advises that all affected systems should be updated as soon as possible.
 
If you have questions, please contact the ITS Help Desk at 956-8883, email help@hawaii.edu, or call toll free (800) 558-2669 from the neighbor islands.