Scroll Top

Microsoft Ignored Remote Desktop Protocol (RDP) Vulnerability Until it Affected in Hyper-V

Friday, August 17, 2019

Microsoft's Remote Desktop Protocol
Easy Access Point through the RDP Clipboard

According to several Microsoft officials, vulnerabilities were detected within the Microsoft’s Remote Desktop Protocol (RDP). The vulnerability was reported to Microsoft almost a year ago. It was only reported to affect the Remote Desktop Protocol. It recently was patched after discovering the bug lead to remote execution and directly impacts Microsoft’s Hyper-V product.

In February, a security software engineer, Eyal Itkin working for an independent firm named Check Point published technical details regarding the covered multiple RDP vulnerabilities and flaws. The primary focus for Itkin was to achieve a reverse RDP attack. This in turn would give the server of a remote connection gains control over the client.

This connection between the two machines was possible through the RDP sharing the clipboard. Subsequently, whatever is copied on the remote server can be pasted on the local client. In an interview with Itkin and BleepingComputer, Itkin explained that an attacker could use this vulnerability to compromise computers of privileged users in a company.

Another method sharing data information is called Enhanced Session Mode in Hyper-V which enables an RDP connection to virtual machines. This enables share devices and files between the two systems. The relation between the two products becomes evident Hyper-V virtual machine and a remote connection via Microsoft’s RDP client (mstsc.exe) share the same setting window.

For more information, click here and/or click here

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.