Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch

In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP Vulnerabilities, out of which 4 are labeled as critical and 3 as important. All the critical vulnerabilities exist in Remote Desktop Services – formerly known as Terminal Services – and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.


This is a companion discussion topic for the original entry at https://blog.qualys.com/laws-of-vulnerabilities/2019/08/13/windows-remote-desktop-vulnerabilities-seven-monkeys-how-to-detect-and-patch