locked
About RD Vulnerability CVE 2019 1181-CVE 2019 1182-CVE 2019 1222-CVE 2019 1226 RRS feed

  • Question

  • Hello

    Given this newly found vulnerability I have a question.

    We use Remote Desktop Gateway to accept connections, but we are not exposing port 3389 (is blocked in our perimeter FW). Instead, we use a certificate and a secure 443 connection to access from outside our network to the RD Gateway, which then internally process the request.

    Are we "covered" with this configuration, so we can carefully plan the patch roll out?

    Thanks!

    Monday, August 19, 2019 6:10 PM

Answers

  • Hi,

    All these update mentioned below workarounds:
    1. Enable Network Level Authentication (NLA).
    2. Block TCP port 3389 at the enterprise perimeter firewall.

    If your environment meet above configuration, you can ignore the update. However, in all cases, Microsoft strongly recommends that you install these updates as soon as possible even if you plan to leave these workarounds in place.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 20, 2019 8:56 AM

All replies

  • Hi,

    All these update mentioned below workarounds:
    1. Enable Network Level Authentication (NLA).
    2. Block TCP port 3389 at the enterprise perimeter firewall.

    If your environment meet above configuration, you can ignore the update. However, in all cases, Microsoft strongly recommends that you install these updates as soon as possible even if you plan to leave these workarounds in place.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 20, 2019 8:56 AM
  • Hi,

    How things are going there on this issue?

    Please let me know if you would like further assistance.

    Best Regards,
    Eve Wang  

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, August 26, 2019 1:08 AM
  • Hi,

    Is there any update?

    Please click “Mark as answer” if any of above reply is helpful. It would make this reply to the top and easier to be found for other people who has the similar problem.

    Best Regards,
    Eve Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 27, 2019 9:19 AM
  • Hi! Sorry for the delayed response. We ended up taking these recommendations but patched the RD Gateway anyway just in case.

    Thanks!

    Wednesday, August 28, 2019 1:21 PM