CVE-2019-0708 is a Microsoft critical remote code execution vulnerability that affects medical devices operating on Windows 2003, XP, Vista and Windows 7.

DID YOU KNOW…

• Majority of Healthcare Medical Devices Operate on Legacy Systems. Forescout researchers determined 39 percent of IoT Devices and 53 percent of common medical devices are still operating on traditional, legacy platforms, which poses a patient safety risk.
• Microsoft Issues Rare Legacy OS Patch to Prevent Another WannaCry. Microsoft released a patch for its outdated Windows XP, and other legacy systems, after finding a vulnerability that would allow an RDP exploit – to prevent another global WannaCry cyberattack in 2017.
• HHS: Microsoft Vulnerabilities Impact Healthcare Cybersecurity. HCCIC urged organizations to review their healthcare cybersecurity measures as reports claim Microsoft vulnerabilities could let hackers gain system access.

“Poor security practices and lack of patching are likely reasons why malicious use of the EternalBlue exploit has been growing continuously since the beginning of 2017, when it was leaked online,” ESET Security Evangelist Ondrej Kubovic wrote.