Thursday, May 14, 2020
Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable
Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft’s Remote Desktop Protocol? Though Microsoft had patched the vulnerability (CVE-2019-0887) as part of its July 2019 Patch Tuesday update, it turns out researchers were able to bypass the patch just by replacing the backward 
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
The connection between the Apple Watch and an iPhone is the core of Apple’s wearable experience, and for the first time, the company gave th...
-
You might not need to panic. BroadSoft tells Gizmodo that it locked down its Amazon data (Charter says it was taken down) and hasn’t seen ev...
No comments:
Post a Comment