Summary
Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
Impacted systems in this communication's scope
BACT/ALERT® VIRTUO® | OBSERVA® |
DIVERSILAB® | PREVI® ISOLA |
EASYSTREAM® | TEMPO® |
EMAG® | VIDAS® 3 |
ESTREAM® | VIDAS® PC |
GENE UP® | VLINK® |
MYLA® | VITEK® 2 |
NUCLISENS® easyMAG® | VITEK® MS |
NUCLISENS EASYQ® | Chemunex systems* |
* (ScanRDI W10, D-Count 25/50). It is not recommended to connect the following systems to the network: ChemScan XP & W7, ScanRDI W7, D-Count II/BactiFlow ALS XP & W7 & W10.
Which versions are impacted
Summary of impacted OS versions:
- Microsoft Windows® Embedded Standard 7 SP0
- Microsoft Windows® Embedded Standard 7 SP1
- Microsoft Windows® Server 2008 R2 SP1
- Microsoft Windows® 10
- Microsoft Windows® Server 2016
Recommendations
Update systems running Microsoft Windows® as soon as possible using the guidelines below:
- Windows Embedded Standard 7 SP1 / Windows Server 2008 R2 SP1: Install August 2019 Windows Monthly Rollup
- Windows 10 and Windows Server 2016: Install August 2019 Windows Monthly Update
- Network Level Authentication (NLA): NLA is not to be enabled if currently disabled
- Block TCP port 3389 at the enterprise perimeter firewall
- Apply Windows security updates as they become available
- Apply Windows security updates manually
- Apply Windows security updates one at a time
- Do not update Internet Explorer or download other software updates without consulting your IT department and bioMérieux Customer Support.
- Disconnect systems which can’t be updated, or isolate them on an isolated network
- Replace all out-of-support systems with the latest available supported version
- Never expose bioMérieux systems directly to the internet
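A read-only check of the settings these recommendations refer to, as an added example that is not part of the original bioMérieux communication. It assumes Windows PowerShell 2.0 or later run locally with administrator rights, and its install-date test is a heuristic, not proof that the August 2019 update is present.

```powershell
# Read-only audit of the RDP-related state named in the recommendations.
# Added example: it changes nothing on the system. Uses only cmdlets available
# in Windows PowerShell 2.0, so it also runs on Windows Embedded Standard 7.

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'

$ts  = Get-ItemProperty -Path $tsKey  -ErrorAction SilentlyContinue
$rdp = Get-ItemProperty -Path $rdpKey -ErrorAction SilentlyContinue

# fDenyTSConnections = 0 means the host accepts Remote Desktop connections.
$rdpEnabled = ($ts -ne $null) -and ($ts.fDenyTSConnections -eq 0)

# UserAuthentication = 1 means NLA is required. This is reported only: the
# advisory says NLA is not to be enabled if it is currently disabled.
$nlaRequired = ($rdp -ne $null) -and ($rdp.UserAuthentication -eq 1)

# Listener port; the perimeter firewall rule in the advisory targets TCP 3389.
$port = if ($rdp -ne $null) { $rdp.PortNumber } else { $null }

# Assumption (heuristic): any update installed on or after the 13 August 2019
# release date is listed for manual review. Confirm the actual Monthly Rollup
# or Monthly Update against the Microsoft advisories for the OS version.
$cutoff = [datetime]'2019-08-13'
$recent = @(Get-HotFix |
    Where-Object { $_.InstalledOn -and ($_.InstalledOn -ge $cutoff) } |
    Sort-Object InstalledOn)

$latest = if ($recent.Count -gt 0) {
    '{0} ({1:yyyy-MM-dd})' -f $recent[-1].HotFixID, $recent[-1].InstalledOn
} else {
    'none found since 2019-08-13'
}

$report = New-Object PSObject -Property @{
    ComputerName     = $env:COMPUTERNAME
    OperatingSystem  = (Get-WmiObject Win32_OperatingSystem).Caption
    RdpEnabled       = $rdpEnabled
    RdpPort          = $port
    NlaRequired      = $nlaRequired
    UpdatesSinceFix  = $recent.Count
    LatestUpdate     = $latest
}

$report | Select-Object ComputerName, OperatingSystem, RdpEnabled, RdpPort,
    NlaRequired, UpdatesSinceFix, LatestUpdate | Format-List
```

A host that reports `RdpEnabled : True` with `UpdatesSinceFix : 0` is the case to raise first with your IT department and bioMérieux Customer Support.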
Additional Resources
- Blog post by Microsoft dated August 13, 2019 https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/
- Microsoft security advisory regarding CVE-2019-1181 dated August 13, 2019 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1181
- Microsoft security advisory regarding CVE-2019-1182 dated August 13, 2019 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1182
If there are any questions or concerns, please reach out to your IT department and the bioMérieux Customer Support Center at 1-800-682-2666 for assistance.
Sincerely,
US Commercial Operations
MAR 4495 • PRN 054449 Rev01.A