Vulnerability Notification: Windows RDP Remote Desktop Services Remote Code Execution

[Overview] Once the Windows RDP Remote Desktop Services worm-level remote code execution vulnerabilities (CVE-2019-1181, CVE-2019-1182) appeared, Hillstone Networks immediately issued an early warning. [Vulnerability Details] On August 14, 2019, Microsoft officially released a security patch containing two critical remote code execution vulnerabilities – CVE-2019-1181 and CVE-2019-1182. These two vulnerabilities are similar to the previously fixed…

Vulnerability Notification: Remote Desktop Services Remote Code Execution

[Overview] Remote Desktop Services (RDS) is one of the components of Microsoft Windows that allow users to remotely access and take control of a computer or virtual machine. Recently, the Remote Desktop Services Remote Code Execution vulnerability was published officially. [Vulnerability Details] CVE-2019-0708: The vulnerability is pre-authentication and requires no user interaction. A remote attacker…

Vulnerability Notification: Apache Subversion mod_dav_svn Denial of Service

[Overview] Subversion is an open source version control and software version control system that runs as a standalone server or as a module of the Apache HTTPD server. Recently, the denial of service vulnerability was fixed officially. [Vulnerability Details] CVE-2018-11803: The vulnerability is caused by improper dereference of an uninitialized pointer variable. A remote attacker…

Vulnerability Notification: Microsoft Office Remote Code Execution

[Overview] Microsoft Office is an office software developed by Microsoft Corporation that can perform word processing, form editing, slide show production, and Email service. Recently, Microsoft fixed a remote code execution vulnerability in it. [Vulnerability Details] CVE-2018-8161: The vulnerability is caused by Outlook’s incorrect parsing of HTML. The vulnerable condition occurs when a MIME message…

A ransomware variant is spreading – Hillstone has established a solid shield!

Recently, the GandCrab ransomware family has widely spread in China. The databases, pictures, documents, and compressed files on infected hosts are encrypted, causing a shutdown of business systems. Since its discovery in January, GandCrab has spread rapidly, with many variations in less than one year, showing how active and aggressive the ransomware developers are. China…