The latest server updates include a patch for Microsoft RDP server security vulnerability. Every organization should ensure this patch is applied immediately.
For those unaware, Microsoft RDP server is a secure network communications protocol designed for remote access to virtual desktops, applications, and an RDP terminal server.
The RDP server security vulnerability could allow remote code execution via a physical or WiFi connection. It would cause a Man-in-the-Middle attack allowing the hackers to steal session data including local user credentials.
A man-in-the-middle cyber attack (MITM) is where the cybercriminal secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. The consequences can be devasting depending on what information obtain or manipulated.
In 2015, they were 49 people arrested on suspicion of using Man-in-the-Middle (MiTM) attacks to sniff out and intercept payment requests from email in Europe. The suspects were arrested in Italy, Spain, Poland, the UK, Belgium, and Georgia. They were able to uncover international fraud totaling €6 million.
Microsoft has stated that the bug has not been exploited by hackers and cybercriminals however it can cause serious damage if left unpatched.
Microsoft has announced they released a preliminary fix for a Microsoft RDP server security vulnerability. This fix has been rated as important and should be applied to all Windows server operating system 2008 onward.
This Microsoft RDP server security vulnerability should be taken seriously as if hackers are successful, it will give them large amounts of time to discover your network and plan out many other different types of ransomware until they find one that works.
Our complimentary network and security assessment can put your IT infrastructure and business to the test including your Microsoft RDP server.
365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry-leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.