Wormable vulnerabilities in Windows Remote Desktop Services

By

Microsoft patched new wormable vulnerabilities in Windows Remote desktop Services on August 13th.
Following is the description and coverage:
CVE-2019-1181
A remote code execution vulnerability exists in Remote Desktop formerly known as Terminal Services, when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’.
CVE-2019-1182
A remote code execution vulnerability exists in Remote Desktop Services, formerly known as Terminal Services ; when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’

CVE-2019-1224 and CVE-2019-1225
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka ‘Remote Desktop Protocol Server Information Disclosure Vulnerability

SonicWall Capture Labs Threat Research Team has analyzed and addressed these vulnerabilities with following signatures.
IPS 14356 : Windows Remote Desktop Services Remote Code Execution (AUG 19) 1
IPS 14357 : Windows Remote Desktop Services Remote Code Execution (AUG 19) 2
IPS 14354 : Remote Desktop Protocol Server Information Disclosure Vulnerability (AUG 19) 1

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.