Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in its operating systems. An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708 - dubbed BlueKeep - these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and users and administrators to review the resources and apply the necessary update. Read the advisory at CISA.