Beware Of The Critical Windows Worm Hole, Alerts Microsoft
Important announcement for MS Windows Administrators, Microsoft has discovered a remote, pre-authentication, network-accessible code execution vulnerability in the implementation of RDP protocol. It is advised that the new and vital  #-Link-Snipped-# update be enforced as soon as possible.
The vulnerability lies in the way the RDP Protocol  accesses an object in memory which has been improperly initialized or has been deleted. If an attacker is able to spot this vulnerability and successfully exploits it then it would be possible to run a random code on the victim's computer. This flaw would allow the attacker freedom to install programs, view, change or delete data without user's permission.
#-Link-Snipped-#
This vulnerability exists in all versions of Windows and though RDP is disabled by default, it would still be a safe-measure to take note of this issue and follow guidelines to tie any loose ends. Microsoft predicts that an exploit for this vulnerability will be developed within the next month. The vulnerability is only accessible if RDP is enabled. A mitigation feature in the RDP, known as  NLA (network level authentication) transfers it to post-authentication stage which reduces the risk of the exploitation.  There are #-Link-Snipped-# for Windows.
Also, the Remote Assistance  feature in Windows with a tick against “less secure†on a RDP-enabled machine will make it more susceptible to exploit, with no barrier to pre-auth code execution. This issue can be ill-used by an attacker even before authentication is required. Microsoft has already shipped  six security bulletins as part of this month’s Patch Tuesday batch addressing loopholes in  Microsoft Windows, Visual Studio and Expression Design.
Source & Image Credit: #-Link-Snipped-#
The vulnerability lies in the way the RDP Protocol  accesses an object in memory which has been improperly initialized or has been deleted. If an attacker is able to spot this vulnerability and successfully exploits it then it would be possible to run a random code on the victim's computer. This flaw would allow the attacker freedom to install programs, view, change or delete data without user's permission.
#-Link-Snipped-#
This vulnerability exists in all versions of Windows and though RDP is disabled by default, it would still be a safe-measure to take note of this issue and follow guidelines to tie any loose ends. Microsoft predicts that an exploit for this vulnerability will be developed within the next month. The vulnerability is only accessible if RDP is enabled. A mitigation feature in the RDP, known as  NLA (network level authentication) transfers it to post-authentication stage which reduces the risk of the exploitation.  There are #-Link-Snipped-# for Windows.
Also, the Remote Assistance  feature in Windows with a tick against “less secure†on a RDP-enabled machine will make it more susceptible to exploit, with no barrier to pre-auth code execution. This issue can be ill-used by an attacker even before authentication is required. Microsoft has already shipped  six security bulletins as part of this month’s Patch Tuesday batch addressing loopholes in  Microsoft Windows, Visual Studio and Expression Design.
Source & Image Credit: #-Link-Snipped-#
Replies
You are reading an archived discussion.
Related Posts
How would you like to see an open camera operating system on your digital camera? Well, that's what Samsung might be planning in their R&D Labs at the company's Korean...
Reports of a tablet from Nokia has been scorching around for quite some time now. There were even rumours of a 10-inch tablet with dual-core Qualcomm processor featuring Windows 8...
The multi-room music system manufacturer company Sonos has announced new controller apps for both Windows and Mac which will make it easier to find, play and control the music in...
The XL series from BenQ has added two new monitors in its line-up, the XL2420T and XL2420TX. Last year XL2410T was introduced which was a huge success and owing to...
Pilots say that flying through fog has really been a difficult task for them especially in commercial airlines. In fact, most of the airlines’ authorities organize a quick landing when...