NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Weekly Threat Report - 16th August 2019

New vulnerabilities revealed by Microsoft, and a big patch day for Adobe

Microsoft has warned of two new wormable vulnerabilities that affect Remote Desktop Services. They have since released fixes.

Any future malware that exploits these two critical vulnerabilities, CVE-2019-1181 and CVE-2019-1182, could be spread between vulnerable computers without the need for any user interaction.

The affected versions of Windows include:

• Windows 7 SP1

• Windows Server 2008 R2 SP1

• Windows Server 2012

• Windows 8.1

• Windows Server 2012 R2

• All supported versions of Windows 10, including server versions

Microsoft confirmed that Window XP, Window Server 2003 and Windows Server 2008 were not affected, nor was the Remote Desktop Protocol (RDP) itself.

These vulnerabilities are similar to the recent BlueKeep vulnerability, which was privately reported to Microsoft by the NCSC earlier this year.

Microsoft have also released critical patches for bugs found affecting server admins running HyperV, CVE-2019-0720 and CVE-2019-0965, which if unpatched allow virtual guests to execute code on the host (what’s called a guest to host break out which undermines the virtualisation separation).

Affected users should follow Microsoft advice and patch as quickly as possible. Further information and downloads can be found in the Microsoft Security Update Guide.

In other patching news, Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS (APSB19-41). These updates address vulnerabilities which, if exploited, could lead to arbitrary code execution in the context of the current user.

We would also recommend that users enable automatic updates to ensure they are protected by the very latest security updates.

“Fridge” tweet highlights growing popularity of household smart devices

Smart devices in the home are becoming commonplace and one 15-year-old recently made the news after – apparently - managing to send a tweet from her fridge.

After having her phone confiscated, the teenager managed to send tweets via a Nintendo device, a Wii U gaming console, before finally claiming to post through the family’s smart refrigerator.

The message apparently tweeted from the refrigerator read: “I do not know if this is going to tweet I am talking to my fridge what the heck my Mom confiscated all of my electronics again.”

The makers of the smart fridge, LG, have confirmed that it would be possible to access Twitter via the web browser on some of their models.

Smart devices are everyday items, ranging from smart speakers to lightbulbs, you find in the home that can connect to the internet.

It’s important to remember to keep smart devices secure, just as you would a laptop or smartphone and the NCSC has published advice about how to use smart devices safely in your home.

National Cyber Security Centre Weekly Threat Reports

ASKET Cyber Security Resources