Workplace Technology
Workplace Technology

No matter how the office evolves, Align works closely with businesses to provide a connected IT enterprise for today’s hybrid professional that’s built to be secure, flexible and reliable.
Solutions
HQ & Branch Technology Design

Networking & Wi-Fi

AV Design & Implementation

IT & Structured Cabling

Smart Office & Connected Enterprise

Security & Access Control
News & Resources
Blog

Resource Center

Success Stories

Careers

Events
Data Center Solutions
Data Center

From retrofitting to decommissioning your data center infrastructure, our team of experts is able to handle every step of the process.
Solutions
Critical Facility Assessments

Data Center Design & Build

Expansions & Consolidations

Pre-Built Cabinets & Racks

Day 2 Support & IMAC

Decommissioning Services
DCIM Tool Asset Point
Asset Point

Resources

Technical Specs

Product Roadmaps

Success Stories
News & Resources
Blog

Resource Center

Success Stories

Careers
Migrations & Cloud
Migrations & Cloud

Whether its on-prem data center, colocation, or cloud, we have the people process and tools to help you achieve your strategic and technological goals.
Migration Solutions
Application & Workload Migration

Physical Lift & Shift Migration

Cloud Transformation

Current State Assessment

Inventory & Audits

Decommissioning
DCIM Tool Asset Point
Asset Point

Resources

Technical Specs

Product Roadmaps

Success Stories
News & Resources
Blog

Resource Center

Success Stories

Careers
Managed Services
Managed Services & Cybersecurity

Award-winning, scalable, and secure IT solutions from the industry’s premier Managed Services Provider.
Managed Services
Align IT Suite

Cloud Services

Microsoft 365 Copilot

Operational Due Diligence

Align Guardian

Compliance & Data Archiving

Managed Data Protection

Managed Collaboration & Voice Services
Cybersecurity
Align Cybersecurity

Solutions

Operational Cybersecurity Risk Assessments

Cybersecurity Program Manuals

Endpoint Protection Solutions

Data Discovery & Mapping

Cybersecurity Education

vCISO & Cybersecurity Reporting
Resources & Press
Blog

Resource Center

Success Stories

Upcoming Events

Client Login

Client Alerts

Press
Why Align Managed Services
Leadership

Awards

Strategic Partners & Clients

Locations

Operational Security

Careers
About Align
About Align

Over 35 Years' Experience, High-caliber IT Solutions, Award-Winning Professionals and Managed IT Services, Subject Matter Experts
About Align
About Align

Leadership

Blog

News & Press

Careers

Resource Library

Success Stories

Awards

Locations

Events
Contact us

September 9, 2019

Cyber Alert: Microsoft BlueKeep (CVE-2019-0708) Vulnerability

Please take notice that on Friday, September 6th, 2019, the Metasploit Project added an exploit module for the vulnerability known as BlueKeep (CVE-2019-0708).

Unlike the previous publicly released BlueKeep exploits, the recent release allows for remote-code execution. Although there are no reported attacks in the wild at this time, the Align team expects exploit attempts imminently.

BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the following Microsoft Windows Operating Systems:

Windows 2000
Windows Vista
Windows XP
Windows 7
Windows Server 2003
Windows Server 2003 R2
Windows Server 2008
Windows Server 2008 R2

According to Microsoft, an attacker can send specially crafted packets to one of these operating systems that has RDP enabled. BlueKeep is considered “wormable” because malware exploiting this vulnerability on a system could propagate to other vulnerable systems; thus, a BlueKeep exploit would be capable of rapidly spreading in a fashion similar to the WannaCry malware attacks of 2017.

Security Recommendations

In June, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a list of BlueKeep mitigation measures.
This was the fourth warning published after Microsoft issued two others and the U.S. National Security Agency issued another.
CISA also urged all Windows admins and users to review the Microsoft BlueKeep Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708.
Companies that have not already applied the Microsoft security updates for CVE-2019-0708 should do so immediately.

For more information, please contact Align Managed Services via email cyber@align.com.

- The Align Managed Services Team
cyber@align.com
www.align.com
www.align.com/support

Continue Reading

Related Articles

★★★★★

“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC