Microsoft Scrambles to Issue Patch for New RDP Security Hole
A new vulnerability was discovered within remote desktop protocol (RDP) ports, although the technical details of the gap are being kept under wraps.
We do know that the vulnerability affects Windows Server 2008 and Windows 7, as well as the out-of-support versions Windows 2003 and XP. Microsoft has released a patch, which may be found here. The software giant has deemed this vulnerability critical for three reasons. First, the gap requires no interaction from users, as it is considered “wormable”. Second, hackers may use RDP access to easily exploit the entire network, not just a single device. Third, there are millions of users with impacted systems and enabled RDP ports.
Saying this update is critical may be an understatement.
Therefore, anyone who is currently using any of the impacted versions of Windows should install the patch provided by Microsoft immediately.
Beyond the threat from this vulnerability, hackers have been seen using RDP ports as a means to infect networks around the globe. Therefore, beyond patch management, users and IT professionals should survey the devices that have RDP enabled. If the function is not being utilized, users should disable the port entirely. By closing the port, the risk of hackers maliciously exploiting it will be eliminated.
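One way to carry out the survey-and-disable step on a single machine, as an added example that is not from Microsoft or the original article. It assumes an elevated PowerShell prompt on Windows 7 / Server 2008 R2 or later and an English-language firewall rule group name; the function names and the -Disable switch are hypothetical.

```powershell
# Added example: report whether Remote Desktop is enabled on this machine and,
# if -Disable is passed, turn it off. Uses only the registry provider, Get-Service
# and netsh, so it also runs on PowerShell 2.0 (Windows 7 / Server 2008 R2).
param([switch]$Disable)   # hypothetical switch: pass it only where RDP is not needed

$TsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$TcpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Get-RdpState {
    # fDenyTSConnections: 0 = RDP connections allowed, 1 = RDP connections denied
    $deny = (Get-ItemProperty -Path $TsKey -Name fDenyTSConnections).fDenyTSConnections
    # PortNumber: TCP port the RDP listener is configured to use
    $port = (Get-ItemProperty -Path $TcpKey -Name PortNumber).PortNumber

    $status = 'NotInstalled'
    $svc = Get-Service -Name TermService -ErrorAction SilentlyContinue
    if ($svc) { $status = $svc.Status }

    New-Object PSObject -Property @{
        Computer      = $env:COMPUTERNAME
        RdpEnabled    = ($deny -eq 0)
        ListenPort    = $port
        ServiceStatus = $status
    }
}

function Disable-Rdp {
    # Refuse new Remote Desktop connections
    Set-ItemProperty -Path $TsKey -Name fDenyTSConnections -Value 1
    # Close the inbound firewall rules for RDP (assumes the English group name)
    netsh advfirewall firewall set rule group="remote desktop" new enable=No | Out-Null
}

$before = Get-RdpState
$before | Format-List Computer, RdpEnabled, ListenPort, ServiceStatus

if ($Disable -and $before.RdpEnabled) {
    Disable-Rdp
    # Read the setting back to confirm the change took effect
    $after = Get-RdpState
    if ($after.RdpEnabled) {
        Write-Warning 'RDP is still enabled; a Group Policy setting may be overriding the registry value.'
    } else {
        Write-Output "RDP disabled on $($after.Computer)."
    }
}
```

Run without arguments, the script only reports; machines where RdpEnabled is True and the service is in use still need the patch.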