New Vulnerabilities for Windows and Remote Desktop Gateway Users

Jan 17, 2020

How well do you understand the IT vulnerabilities of your business, and is your organization adequately prepared and protected against the most up-to-date attacks?

These questions are particularly relevant at the moment, as malicious actors and cyber criminals use ever more subtle and innovative ways to attack businesses. Currently, two significant vulnerabilities in particular are circulating, affecting Remote Desktop Gateway servers and Windows users.

The first of these is the RCE (Remote Code Execution) vulnerability against Remote Desktop Gateway servers, which can be exploited without any working credentials.

Unauthenticated attackers connecting to the target system using RDP can send specially crafted requests, allowing them to execute code, install programs, view, change or delete data, or create new accounts.

The second is that Windows CryptoAPI fails to properly validate ECC certificate chains. Would-be attackers are therefore able to spoof valid certificate chains on a Windows system, which allows them to modify TLS-encrypted communications in an attack.

Any software, including third-party non-Microsoft software, that relies on the Windows certificate validation function may be vulnerable to untrustworthy certificates. While both vulnerabilities are still concept-only, researchers have shown that the RCE vulnerability at least is valid, having already crashed an RD gateway in a test.

Organizations that use Remote Desktop Gateway servers, and anyone relying on Windows certificate validation, are potentially vulnerable at present.

Thankfully, CompuVision are aware of the threats posed and are taking immediate action. Both vulnerabilities are relatively easy fixes, with Microsoft providing a patch in their CVE-2020-0601 update. Patching will be carried out by the NOC team, who will be reaching out to our clients shortly to confirm. Patches will be applied during normal maintenance windows.

In terms of future-proofing your organisation, it is well worth getting in touch with your CompuVision support team to discuss ways forward, and how you can stay ahead of issues like these. For anyone who manages their IT in-house, we strongly advise checking that your internal team is on top of these vulnerabilities. If you would like to discuss ways that CompuVision can help protect your organisation, our Sales Team is always ready to give help and advice at the other end of the phone.
