Skip to main content

RDP vulnerability


BlueKeep: There’s a Report For That

By Patch ManagementNo Comments

BlueKeep: There’s a Report For That

BlueKeep exploits are on the rise—Syxsense allows you to see which of your devices are affected by this critical vulnerability.
[vc_single_image image=”30115″ img_size=”full”]

With BlueKeep exploits looming large, knowing your exposed risk could save your time, money and business.

Syxsense has added the “BlueKeep At Risk Devices” report to every console. Our dynamic architecture helps you stay on top of emerging threats. To run the report, just go to reports, find BlueKeep and press the button.

[vc_single_image image=”30124″ img_size=”full”]

In seconds, you will see a list of every device that hasn’t been scanned for the vulnerability and every device where the risk is detected. With a few more clicks you can deploy the patch to every device, rerun the report and prove to management that you are 100% compliant.

Click, know the facts, and secure. Experience a complete view of your IT environment with Syxsense.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
[vc_btn title=”Get Started with Syxsense” color=”warning” size=”lg” align=”center” link=”url:%2Fsyxsense-trial|||”]

NSA Urging Users to Patch BlueKeep Vulnerability

By News, Patch ManagementNo Comments

NSA Urging Users to Patch BlueKeep Vulnerability

The National Security Agency (NSA) is warning users that a new RDP vulnerability affecting Windows 7 and Windows XP systems is potentially “wormable."
[vc_single_image image=”30084″ img_size=”full”]

The National Security Agency has recently issued an urgent advisory to all Windows-based administrators and users to ensure they are using a fully-patched and updated system.

Last month, Microsoft released additional security updates to protect against Bluekeep, a new security vulnerability considered a potentially ‘wormable’ flaw in the Remote Desktop (RDP) protocol (CVE-2019-0708). The vulnerability is present in the still-supported Windows 7, Vista, Server 2008 and Server 2008 R2, but also in legacy systems Windows XP and Server 2003, which is a rarity for Microsoft since Extended Support ended back in April of 2014.

The vulnerability can be easily exploited and weaponized by leveraging malware or even ransomware. Microsoft has even warned that the vulnerability can surely be as damaging as Wannacry. It only takes a bit of code designed to exploit it and spread pre-authentication without requiring any user interaction in the process. Once the vulnerability has been abused, it’s only a matter of time before it will infect not only the target host, but the rest of the environment, if left unpatched.

The NSA also believes this can easily evolve in time: “This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability. For example, the vulnerability could be exploited to conduct denial of service attacks. It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.”

The solution is simple: patch all Windows devices not only for the latest vulnerability but always, and if the devices are outside of mainstream or even extended support, like the legacy operating systems, it’s best to migrate to Microsoft’s latest OS, Windows 10.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
[vc_btn title=”Get Started with Syxsense” color=”warning” size=”lg” align=”center” link=”url:%2Fsyxsense-trial|||”]

FBI Alert: RDP Exploited

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Hope you don’t rely on RDP

The FBI and Department of Homeland Security have released a new US-CERT Alert. Alert I-092718-PSA details the ramping up of cyber attacks exploiting the Remote Desktop Protocol.

RDP is included with Windows, and with millions utilizing that operating system, the vulnerability is widespread.

The alert states “The use of RDP creates risk. Because RDP has the ability to remotely control a system entirely, usage should be closely regulated, monitored, and controlled.” If you don’t use the service, the FBI and DHS recommend you disable it and block any corresponding ports.” It’s also important to regularly monitor your remote access activity.

Why Syxsense is a secure solution to replace RDP

  • Reports can be scheduled to regularly keep you up to date on remote access activity.
  • Syxsense comes with Two-Factor Authentication, ensuring only authorized users can use the solution. This is a feature the FBI recommends for remote access products.
  • The suite comes with other tools, such as our Patch Manager. This, too, is recommended in the alert; “Apply system and software updates regularly.”
  • Communication is 2048-bit Encrypted.
  • End user access controls.
  • No Forced open ports.

RDP is quickly becoming an attacker’s favorite way to access an IT environment. Secure your devices and replace RDP with a secure Remote Control solution. Syxsense has reliable Remote Control as well as many other useful features.

It’s time to ditch RDP. Start a free trial of Syxsense.

[dt_default_button link=”|||” size=”big” button_alignment=”btn_left”]START FREE TRIAL[/dt_default_button]

RDP Flaw: Every Windows Version Affected

By NewsNo Comments
[vc_single_image image=”23862″ img_size=”full”]

CredSSP Flaw in RDP

Credential Security Support Provider protocol (CredSSP), a Windows protocol that interacts with features like RDP, has a critical vulnerability. The danger here is that malicious entities could manipulate RDP to gain access to user’s devices and environments, stealing sensitive and valuable data.

This previously unknown remote code execution vulnerability was reported to Microsoft in August last year, but the tech giant issued a fix for the protocol just now as part of its Patch Tuesday release—that’s almost after 7 months of reporting.

Since RDP is a feature within Windows, and one of the most popular application to perform remote access, everyone is exposed to this security threat. Literally every version of Windows, at the time of this article, contains this flaw.

Microsoft has released updates that target this issue. Even if you aren’t using RDP regularly, deploying this patch to your windows devices is critical. Because researchers believe this exploit may evolve into new ways to attack your environment, it’s also important to track the activity of remote login sessions.

Syxsense provides both predictive patch management and detailed security reports.

Protect your devices from this major RDP flaw by starting a free trial with Syxsense.

[dt_default_button size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]