Zero-day flaw in Windows allows attackers to hijack remote desktop sessions

In News

A zero-day vulnerability has been found that affects Windows systems with active Remote Desktop Protocol (RDP) sessions. Called CVE-2019-9510, the vulnerability lies in Windows RDP Network Level Authentication(NLA) that allows attackers to bypass Windows lock screen and permit unauthorized access to the system. Those systems with Windows 10 (version 1803 or later) and Server 2019 are affected by this authentication bypass flaw.

Due to this flaw, two-factor authentication (2FA) mechanisms such as Duo Security MFA, could also be bypassed. As of now, there are no security patches provided by Microsoft to address this zero-day.

An advisory said: “It is important to note that this vulnerability is with the Microsoft Windows lock screen’s behavior when RDP is being used, and the vulnerability is present when no MFA solutions are installed. While MFA product vendors are affected by this vulnerability, the MFA software vendors are not necessarily at fault for relying on the Windows lock screen to behave as expected.”

Comments

You may also read!

Bulwark to showcase state-of-the-art IT security products at GITEX

UAE-based value added distributor, Bulwark Technologies announced that its portfolio of internationally acclaimed products lined up to be showcased

Read More...

Hacking my airplane

ESET’s security researcher, Cameron Camp points out that after welcoming hacking research, automobile technology started to get better at

Read More...

Are you building an effective SOC?

Haider Pasha, regional chief security officer, emerging markets, Palo Alto Networks shares his take on what makes an SOC

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu