As part of the Microsoft May release, MS has announced on a Remote Code Execution vulnerability in Remote Desktop Services, CVE-2019-0708. At this time, there are no indications of the vulnerability exploited in the wild or the existence of a public PoC. Check Point researchers are investigating this and monitoring any relevant activity in the wild. Check Point recommendation is to monitor affected systems and deploy MS fix according to MS Security Update Guide. Customers who do not need a Remote Desktop Protocol can block the protocol on the Gateway and EndPoint Firewalls.
