Article 4Y0DP Another reason to hurry with Windows server patches: A new RDP vulnerability

Another reason to hurry with Windows server patches: A new RDP vulnerability

by
Sean Gallagher
from Ars Technica - All content on (#4Y0DP)
GettyImages-1001521238-800x509.jpg

Enlarge / A crafted request is like a skeleton key for gaining access to unpatched Windows Remote Desktop servers. (credit: Anadolu Agency / Getty Images)

While much of the attention around Microsoft's latest Windows security patch has been focused on a flaw in Windows 10 and Windows Server that could be used to spoof a certificate for secure Web sessions or signing code, there were 48 other vulnerabilities that were fixed in the latest update package. Five were related to Microsoft's Remote Desktop Protocol (RDP)-based service, which is used by thousands of organizations for remote access to computers within their networks. And two of them are flaws in the Windows Remote Desktop Gateway that could allow attackers to gain access to networks without having to provide a login.

These two separate bugs, identified as CVE-2020-0609 and CVE-2020-0610, are rated as more dangerous than the crypto bug by Microsoft because, while they're not yet exploited, they could be used to remotely execute code on targeted RDP servers before the gateway even attempts to authenticate them.

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," the Microsoft Security Response Center summary of both vulnerabilities warned. And there is no way to work around the vulnerability without applying a software update. Both attacks rely on specially crafted requests to the Remote Desktop Gateway using the RDP protocol.

Read 4 remaining paragraphs | Comments

index?i=4dFaKQMROQk:z6cfsAZdImo:V_sGLiPB index?i=4dFaKQMROQk:z6cfsAZdImo:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments