none
CVE-2019-0708 patch - Gateway and Connection Broker compatibility? RRS feed

  • Question

  • Does anyone know if the patch can be rolled out? Ex: Patching only a few of the session hosts (not all), or the gateway and/or connection broker, etc?

    We are not in an environment where we can patch all of the servers at once.

    I ask because in our last experience with updating asynchronously, we had an issue where some users were not able to RDP into servers (CredSSP errors, etc).  We don't want a repeat of this.


    • Edited by Nicole- Monday, June 17, 2019 10:02 PM
    Monday, June 17, 2019 4:27 PM

All replies

  • Hi,

    CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability:
    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0708#ID0EKIAC

    Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible. I have not found some known issues for such fix until now, and I had installed it on my test VM environment and there is no problem happens. However, your production environment may be complex than mine, and my reply just for your reference.

    In order to avoid some problem, it is recommended to back up system and important data before installing the update, also, if possible, build a similar test environment as your production configuration to install the updates before roll out is also recommended.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, June 18, 2019 7:33 AM
    Moderator
  • Thanks.  I guess we'll take extra precautions.

    Thankfully all servers are virtualized, so we can takesnapshots.  With the absence of any anecdotal evidence and community experience, we'll snapshot a session host server, update all servers wholesale, and see if anyone complains.  Even with 7 total servers (5 session hosts, a GW, and a CB), it shouldn't take more than an hour of downtime.  I hope...



    • Edited by Nicole- Wednesday, June 19, 2019 7:29 PM
    Wednesday, June 19, 2019 7:29 PM
  • Hi,

    Thank your detail sharing. If there is any more questions or concerns, please feel free to let us know.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, June 20, 2019 2:59 AM
    Moderator
  • Hi,

    Is there any update?

    Please click “Mark as answer” if any of above reply is helpful. It would make this reply to the top and easier to be found for other people who has the similar problem.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, June 24, 2019 1:18 AM
    Moderator