Windows RDP flaw: ‘Install Microsoft’s patch, turn on your firewall’

Microsoft’s Patch Tuesday updates for March deliver fixes for 75 security bugs, including patches for 15 critical flaws and a serious vulnerability that exposes sysadmins to credential theft. In addition to new updates to mitigate Meltdown and Spectre, Microsoft has released fixes for 15 critical flaws affecting the scripting engine in Internet Explorer 11 and its JavaScript engine ChakraCore in Microsoft Edge. There are also 61 important fixes for Windows, Office, and ASP.NET Core.

An important-rated bug that’s caught the attention of severalsecurity firms is CVE-2018-0886, a remote code execution flaw that affects CredSSP (the Credential Security Support Provider protocol). CredSSP is used in Microsoft’s widely used Remote Desktop Protocol (RDP) and Windows Remote Management (WinRM) to relay user credentials from a client to an application’s server.

Microsoft says: “CredSSP is an authentication provider which processes authentication requests for other applications; any application which depends on CredSSP for authentication may be vulnerable to this type of attack.”

Read more about the protocol bug in Windows RDP that can be used by attackers to steal session authentication and take over a network domain on ZDNet.

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here