Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Qualys Inc    QLYS

QUALYS INC

(QLYS)
  Report  
Delayed Quote. Delayed Nasdaq - 09/20 04:00:00 pm
78.07 USD   -1.05%
09/20QUALYS : Cloud Platform 8.21.2 New Features
PU
09/16QUALYS : Assess Vulnerabilities, Misconfigurations in CI/CD Pipeline
PU
09/13QUALYS : Cloud Platform 8.21.2 New Features
PU
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
News SummaryMost relevantAll newsOfficial PublicationsSector newsAnalyst Recommendations

Qualys : Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch

share with twitter share with LinkedIn share with facebook
share via e-mail
0
08/13/2019 | 09:02pm EDT

In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP Vulnerabilities, out of which 4 are labeled as critical and 3 as important. All the critical vulnerabilities exist in Remote Desktop Services - formerly known as Terminal Services - and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.

The cyber industry has named them as Seven Monkeys pertaining to seven CVEs released. Microsoft has released patches for these vulnerabilities and at least two of these (CVE-2019-1181 & CVE-2019-1182) can be considered 'wormable' and equates them to BlueKeep. Of the three 'Important' RDP vulnerabilities, one (CVE-2019-1223) is a DoS, and the other two (CVE-2019-1224 and CVE-2019-1225) disclose memory contents. Microsoft update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

QID 91563 - Microsoft Windows Security Update for Remote Desktop Service August 2019 (Seven Monkeys)

Authenticated check:

Qualys has issued a special QID (91563) for Qualys Vulnerability Management that covers all 7 CVEs across all impacted Operating Systems. This QID is included in signature version VULNSIGS-2.4.675-4, and requires authenticated scanning or the Qualys Cloud Agent. Cloud Agents will automatically receive this new QID as part of manifest version 2.4.675-4.

You can search for this new QID in AssetView or within the VM Dashboard (Beta) by using the following QQL query:
vulnerabilities.vulnerability.qid:91563

Patch:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1223
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1224
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1225

Mitigation:

The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Services disabled:

Disable Remote Desktop Services if they are not required. If you no longer need these services on your system, consider disabling them as a security best practice.Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.

Workarounds:

The following workarounds may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave these workarounds in place:

  1. Enable Network Level Authentication (NLA). You can enable Network Level Authentication to block unauthenticated attackers from exploiting this vulnerability. With NLA turned on, an attacker would first need to authenticate to Remote Desktop Services using a valid account on the target system before the attacker could exploit the vulnerability.
  2. Some of these vulnerabilities are not exploitable on Windows 7 and 2008 if you haven't enabled RDP 8 or above. These are available by default in later versions of Windows.

Resources:

Related

Disclaimer

Qualys Inc. published this content on 13 August 2019 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 14 August 2019 01:01:10 UTC

share with twitter share with LinkedIn share with facebook
share via e-mail
0
Latest news on QUALYS INC
09/20QUALYS : Cloud Platform 8.21.2 New Features
PU
09/16QUALYS : Assess Vulnerabilities, Misconfigurations in CI/CD Pipeline
PU
09/13QUALYS : Cloud Platform 8.21.2 New Features
PU
09/11QUALYS POLICY COMPLIANCE NOTIFICATIO : Policy Library Updates, July 2019
PU
09/11QUALYS : Patch Management 1.3 New Features
PU
09/10QUALYS : September Patch Tuesday – 79 Vulns, 17 Critical, Remote Desktop C..
PU
08/29QUALYS : Cisco REST API Container for IOS XE Software Authentication Bypass Vuln..
PU
08/22QUALYS, INC. : Change in Directors or Principal Officers (form 8-K)
AQ
08/22QUALYS : Appoints Wendy M. Pfeiffer, CIO of Nutanix, to its Board of Directors
PR
08/13QUALYS : Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to D..
PU
More news
Financials (USD)
Sales 2019 322 M
EBIT 2019 102 M
Net income 2019 53,3 M
Finance 2019 277 M
Yield 2019 -
P/E ratio 2019 61,0x
P/E ratio 2020 57,5x
EV / Sales2019 8,65x
EV / Sales2020 7,21x
Capitalization 3 063 M
Chart QUALYS INC
Duration : Period :
Qualys Inc Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends QUALYS INC
Short TermMid-TermLong Term
TrendsNeutralBearishNeutral
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 18
Average target price 94,72  $
Last Close Price 78,07  $
Spread / Highest target 42,2%
Spread / Average Target 21,3%
Spread / Lowest Target -7,78%
EPS Revisions
Managers
NameTitle
Philippe F. Courtot Chairman, President & Chief Executive Officer
Melissa B. Fisher Chief Financial Officer
Sandra England Bergeron Independent Director
Peter Pace Independent Director
Jeffrey P. Hank Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
QUALYS INC4.46%3 063
SALESFORCE.COM13.31%135 854
ANAPLAN INC99.70%6 987
NUTANIX INC-37.10%4 865
CORNERSTONE ONDEMAND, INC.9.10%3 339
SOPHOS GROUP PLC7.05%2 467