Microsoft Warns This New Vulnerability Could Lead To The Next WannaCry


Microsoft is warning that an exploit with the magnitude of the WannaCry attack that crippled computers worldwide two years ago could be imminent if people fail to patch a high-severity vulnerability. 

Microsoft is urging its customers to patch a critical remote code execution vulnerability in Remote Desktop Services immediately. This vulnerability, CVE-2019-0708, affects Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows 2003, and Windows XP. 

  • What does this vulnerability entail?
    Microsoft disclosed and released patches to address a critical vulnerability in Remote Desktop Services (RDP) in its May 2019 security updates. The vulnerability can be exploited by an unauthenticated remote attacker attempting to connect to a vulnerable system using RDP and sending specially crafted requests. If an attack is successfully able to exploit this vulnerability, they could execute code on the system.

  • Why is it so important?
    The flaw, CVE-2019-0708, does not require authentication or user interaction, giving it the potential to be leveraged in malware to self-propagate to other vulnerable systems. These capabilities allow the vulnerability to be “wormable” in that any malware that leverages this vulnerability could potentially spread to other vulnerable systems, such as the WannaCry ransomware did with MS17-010 and the EternalBlue exploit in 2017. Microsoft warns that the likelihood of threat actors creating an exploit and incorporating it into their malware is very high. 

  • What should I do?
    The company released patches for Windows 7 and Windows Server 2008/R2 as well as older, traditionally unsupported, versions of Windows XP and Windows 2003. Windows 8 and 10 are not affected by this vulnerability. It is recommended to apply these updates immediately to protect your systems from attacks targeting CVE-2019-0708. These patches can be found here:

Concerned your organization isn't prepared to handle cyber attacks? Reach out to a CyberMaxx team member today for a complimentary consultation:


Topics: cybersecurity, cyber attack, wannacry, microsoft, vulnerability

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Insight