Remote Desktop Services Remote Code Execution Vulnerability

  • by

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Systems affected:

  • MS Windows 7
  • MS Windows Server 2008

Details can be found here..

Leave a Reply

Your email address will not be published. Required fields are marked *