enSilo Releases Patch to Protect Against ESTEEMAUDIT

The cybersecurity firm enSilo released a patch for Windows XP and Windows Server 2003 to address a vulnerability exploited by ESTEEMAUDIT, an exploit allegedly developed by the National Security Agency and released in April 2017 by the anonymous actor or group that calls themselves the Shadow Brokers. ESTEEMAUDIT exploits Windows XP and Windows Server 2003 machines via a zero-day vulnerability that exists in the remote desktop protocol (RDP). Successful exploitation could allow threat actors to take control of devices with open RDP ports or move laterally inside a network with open RDP connections. The enSilo patch is available for Windows XP SP3 x86, Windows XP SP3 x64, and Windows Server 2003 R2, and can be downloaded here. Alternatively, users and administrators can disable RDP to mitigate this threat.The NJCCIC highly recommends users and administrators only operate supported hardware and software and upgrade or terminate the use of end-of-life systems that are no longer supported by the vendor, such as Windows XP and Windows Server 2003. The NJCCIC has not verified the integrity and makes no claim as to the effectiveness of this patch, which is released by a third-party and not endorsed or officially supported by Microsoft at this time. We advise users to exercise caution when downloading and installing any software from the internet, and to test patches before deploying in production environments.