On 17 May, Microsoft issued a patch for a ‘wormable’ Remote Desktop Protocol vulnerability that they believed would quickly be exploited by attackers.
Kaspersky Lab researchers have analyzed and successfully created a detection strategy for the vulnerability. They are making this available to colleagues across the security industry so that others can create their own detection strategies.
“We analyzed the vulnerability and can confirm that it is exploitable. We have therefore developed detection strategies for attempts to exploit the vulnerability and would now like to share those with trusted industry parties, so that together we can build a shield around all our customers before the attackers figure out what to do and unleash another devastating worm on the world,” said Boris Larin, security researcher at Kaspersky Lab.
Security vendors who would like to receive further details should contact Kaspersky Lab on nomoreworm@kaspersky.com.
