Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Qualys, Inc.    QLYS

QUALYS, INC.

(QLYS)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
News SummaryMost relevantAll newsPress ReleasesOfficial PublicationsSector newsAnalyst Recommendations

Qualys : Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch

share with twitter share with LinkedIn share with facebook
08/13/2019 | 09:02pm EDT

In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP Vulnerabilities, out of which 4 are labeled as critical and 3 as important. All the critical vulnerabilities exist in Remote Desktop Services - formerly known as Terminal Services - and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.

The cyber industry has named them as Seven Monkeys pertaining to seven CVEs released. Microsoft has released patches for these vulnerabilities and at least two of these (CVE-2019-1181 & CVE-2019-1182) can be considered 'wormable' and equates them to BlueKeep. Of the three 'Important' RDP vulnerabilities, one (CVE-2019-1223) is a DoS, and the other two (CVE-2019-1224 and CVE-2019-1225) disclose memory contents. Microsoft update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

QID 91563 - Microsoft Windows Security Update for Remote Desktop Service August 2019 (Seven Monkeys)

Authenticated check:

Qualys has issued a special QID (91563) for Qualys Vulnerability Management that covers all 7 CVEs across all impacted Operating Systems. This QID is included in signature version VULNSIGS-2.4.675-4, and requires authenticated scanning or the Qualys Cloud Agent. Cloud Agents will automatically receive this new QID as part of manifest version 2.4.675-4.

You can search for this new QID in AssetView or within the VM Dashboard (Beta) by using the following QQL query:
vulnerabilities.vulnerability.qid:91563

Patch:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1223
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1224
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1225

Mitigation:

The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Services disabled:

Disable Remote Desktop Services if they are not required. If you no longer need these services on your system, consider disabling them as a security best practice.Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.

Workarounds:

The following workarounds may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave these workarounds in place:

  1. Enable Network Level Authentication (NLA). You can enable Network Level Authentication to block unauthenticated attackers from exploiting this vulnerability. With NLA turned on, an attacker would first need to authenticate to Remote Desktop Services using a valid account on the target system before the attacker could exploit the vulnerability.
  2. Some of these vulnerabilities are not exploitable on Windows 7 and 2008 if you haven't enabled RDP 8 or above. These are available by default in later versions of Windows.

Resources:

Related

Disclaimer

Qualys Inc. published this content on 13 August 2019 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 14 August 2019 01:01:10 UTC

share with twitter share with LinkedIn share with facebook
Latest news on QUALYS, INC.
08/05QUALYS, INC. : half-yearly earnings release
07/30QUALYS : Integrates Ivanti Patch Management into Qualys VMDR Platform to Self-He..
PR
07/29QUALYS : Unveils Multi-Vector EDR, a New Approach to Endpoint Detection and Resp..
PR
07/29QUALYS : Acquires Software Assets of Spell Security
PR
07/27MEDIA ALERT : Qualys to Host ‘EDR Live' Virtual Event Wednesday July 29, a..
PU
07/27MEDIA ALERT : Qualys to Host 'EDR Live' Virtual Event Wednesday July 29, at 11 A..
PR
07/09QUALYS : to Report Second Quarter 2020 Financial Results on August 10
PR
07/07QUALYS : Appoints Ben Carr as Chief Information Security Officer
PR
06/23QUALYS : Offers Remote Endpoint Protection Solution with Malware Detection to th..
PR
06/16QUALYS, INC. : Change in Directors or Principal Officers (form 8-K)
AQ
More news
Financials (USD)
Sales 2020 358 M - -
Net income 2020 65,4 M - -
Net cash 2020 347 M - -
P/E ratio 2020 78,6x
Yield 2020 -
Capitalization 4 812 M 4 812 M -
EV / Sales 2020 12,5x
EV / Sales 2021 10,7x
Nbr of Employees 1 322
Free-Float 86,4%
Chart QUALYS, INC.
Duration : Period :
Qualys, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends QUALYS, INC.
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 18
Average target price 103,13 $
Last Close Price 123,52 $
Spread / Highest target 1,20%
Spread / Average Target -16,5%
Spread / Lowest Target -42,5%
EPS Revisions
Managers
NameTitle
Philippe F. Courtot Chairman & Chief Executive Officer
Sumedh S. Thakar President & Chief Product Officer
Joo Mi Kim Chief Financial Officer
Sandra England Bergeron Lead Independent Director
Peter Pace Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
QUALYS, INC.48.16%4 812
SALESFORCE.COM, INC.27.76%187 219
CLOUDFLARE, INC.142.38%12 556
DYNATRACE, INC.63.00%11 591
ANAPLAN, INC.-14.01%6 198
BEIJING SINNET TECHNOLOGY CO., LTD33.13%5 930