“Windows kernel hacker” Luca Marcelli has published a video on Tweeter demonstrating his successful breaching of Windows Remote Desktop Gateway (RDG) by remote code execution (RCE).

The hack takes advantage of two Windows server security vulnerabilities about which Microsoft has already alerted users.

There are security updates for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities, but just in case you’re having second thoughts about using them, this hacker has just shown how real the threat to your system is.

Hackers can remotely manipulate your system and data

In any case, Microsoft hasn’t suggested another effective way to handle the issue, so patching seems to be the only way to keep your Windows PC safe from the threat for now.

Luca recommends disabling UDP traffic for the RDG to thwart an RCE attack like the one he just demonstrated.

If installing the update is not an option you should apply other measurements such as disabling UDP traffic. I’ll wait a bit until people had enough time to patch before releasing this to the public 🙂

— Luca Marcelli (@layle_ctf) January 26, 2020

Organizations use Windows RDG to let their employees remotely connect to the company’s IT resources via any device with a remote desktop client application. Such a connection should generally be secure and hack-proof, especially if it incorporates multi-factor authentication.

But in an RCE attack that exploits Windows RDG security weaknesses, a hacker doesn’t have to submit the correct user credentials to access company files. That’s because the attack takes place before the activation of authentication protocols.

Patching your system is the only way to stay safe

The RDG itself gives the intruder the prerequisite remote access, so they don’t even have to be physically there to execute their malicious code. Worse still, the intrusion is stealth, seeing as the “specially crafted requests” to the target system or device require no user interactions to get through.

Microsoft says that a successful exploit of this vulnerability could enable a hacker to deploy new programs or view/ alter data. Organizations holding sensitive personal information wouldn’t want to take that risk, especially against the backdrop of more stringent data protection regulations worldwide.

The Windows operating system maker has, in the past, identified other Remote Desktop Protocol (RDP) vulnerabilities that may be worth your attention. There are fixes for these bugs too. To be on the safe side, consider keeping pace with the latest Patch Tuesday updates.

  • READ NEXT: Best anti-hacking software for Windows 10 [2020 Guide]

If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

Still having issues? Fix them with this tool:

SPONSORED

  • Remote Desktop Connection

Email *

Commenting as . Not you?

Comment