May 16, 2019
Supporting Windows XP and Server 2003 with Datto RMM?
Supporting Windows XP and Server 2003 with Datto RMM? On May 14, Microsoft released critical security updates addressing a remote code execution vulnerability with Remote Desktop Services. In response, the Datto RMM team has released a component to automate deployment of this critical fix to impacted systems.
The vulnerability - CVE-2019-0708 - enables an unauthenticated attacker to target a system using Remote Desktop Protocol and send specially crafted requests. As this vulnerability occurs pre-authentication, it requires no user interaction, enabling the attacker to unilaterally execute code on the target, including to install programs, access and extract data, or create new accounts on the system.
The Datto RMM team has just released a component to automate the install of this out-of-band patch to these operating systems. Check out the "KB4500331 Patch Installer for XP and Server 2003" component in the ComStore.