Zero-day flaw in Windows allows attackers to hijack remote desktop sessions


A zero-day vulnerability has been found that affects Windows systems with active Remote Desktop Protocol (RDP) sessions. Tracked as CVE-2019-9510, the vulnerability lies in Windows RDP Network Level Authentication (NLA) and allows attackers to bypass the Windows lock screen and gain unauthorized access to the system. Systems running Windows 10 (version 1803 or later) and Server 2019 are affected by this authentication bypass flaw.

Because of this flaw, two-factor authentication (2FA) mechanisms such as Duo Security MFA could also be bypassed. As of now, Microsoft has not provided a security patch to address this zero-day.

An advisory said: “It is important to note that this vulnerability is with the Microsoft Windows lock screen’s behavior when RDP is being used, and the vulnerability is present when no MFA solutions are installed. While MFA product vendors are affected by this vulnerability, the MFA software vendors are not necessarily at fault for relying on the Windows lock screen to behave as expected.”
