The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 10 - |
||
microsoft windows 10 1511 |
||
microsoft windows 10 1607 |
||
microsoft windows server 2016 1803 |
||
microsoft windows 10 1703 |
||
microsoft windows 10 1803 |
||
microsoft windows server 2012 - |
||
microsoft windows server 2016 - |
||
microsoft windows 8.1 - |
||
microsoft windows rt 8.1 - |
||
microsoft windows server 2008 - |
||
microsoft windows server 2008 r2 |
||
microsoft windows 10 1709 |
||
microsoft windows 7 - |
||
microsoft windows server 2012 r2 |
||
microsoft windows server 2016 1709 |
No update installed? No connection Cybercrooks are pimping out pwned RDP servers
Black Hat Asia Microsoft will prevent Windows Server from authenticating RDP clients that have not been patched to address a security flaw that can be exploited by miscreants to hijack systems and laterally move across a network. The bug, CVE-2018-0886, was fixed in March's Patch Tuesday software update, and involves Microsoft's implementation of its Credential Security Support Provider protocol (CredSSP). A miscreant-in-the-middle on a corporate network can abuse the flaw to send arbitrary comm...