No Windows RDP Update? No Connection

Microsoft is getting tougher on clients that do not update their software, as it outlines in its latest advisory. The tech giant has created CredSSP updates for security vulnerability CVE-2018-0886, which was originally patched on March 13 2018.

The CVE-2018-0886 security flaw is a remote code execution vulnerability that exists in the CredSSP. An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute code on the target system. The patch released by Microsoft addresses the vulnerability by correcting how CredSSP validate requests during the authentication process.

According to Microsoft’s latest advisory, the RDP update will enhance the error message that is presented when an updated client fails to connect to a server that has not been updated from April 17 2018. It recommends that administrators apply the policy and set it to “Force updated clients” or “Mitigated” on client and server computers as soon as possible. 

The vulnerability was originally flagged to Microsoft in August 2017 by Preempt. The company wrote that the flaw affected all Windows versions to date, and noted that the vastness of the issue was great given that “RDP is the most popular application to perform remote logins.” The company used internal research to highlight that almost all enterprise customers were using RDP and were at risk.

What’s Hot on Infosecurity Magazine?