Microsoft Windows Remote Desktop Gateway (RD Gateway) is a Windows Server component that provides access to Remote Desktop services without requiring the client system to be present on the same network as the target system. Originally launched as Terminal Services Gateway (TS Gateway) with Windows Server 2008, RD Gateway is a recommended way to provide Remote Desktop connectivity to cloud-based systems. For example, guidance has been provided for using RD Gateway with AWS, and also with Azure. The use of RD Gateway is recommended to reduce the attack surface of Windows-based hosts.Microsoft RD Gateway in Windows Server 2012 and later contain two vulnerabilities that can allow an unauthenticated remote malicious user to execute arbitrary code with SYSTEM privileges. It is reported by Kryptos Logic that the flaws lie in handling of fragmentation. This vulnerability is exploitable by connecting to the RD Gateway service listening on UDP/3391.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft windows server 2012 - |
||
microsoft windows server 2012 r2 |
||
microsoft windows server 2016 - |
||
microsoft windows server 2019 - |
This month the vendor has patched 49 vulnerabilities, 8 of which are rated Critical.
Posted: 15 Jan, 202014 Min ReadThreat Intelligence SubscribeMicrosoft Patch Tuesday – January 2020This month the vendor has patched 49 vulnerabilities, 8 of which are rated Critical.This month the vendor has patched 49 vulnerabilities, 8 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required wh...
These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. According to Kaspersky Security Network, Q1 2020 will be remembered primarily for the coronavirus pandemic and cybercriminals’ exploitation of the topic. In particular, the creators of a new modification of the Ginp banking trojan renamed their malware Coronavirus Finder and then began offering it for €0.75 disguised as an app supposedly capable of detectin...
Also, Cisco, Citrix emit patches, US army advises using Signal
Roundup Here comes a summary of this week's computer security news beyond what we've already covered. An 18-year-old man from Canada has been accused of stealing more than $50m in cryptocurrency using SIM-swapping attacks. SIM swapping typically involves crooks tricking cellular network support staff to transfer victims' smartphone numbers to the criminals' own SIMs, and then using those numbers to reset passwords, or get two-factor authentication tokens, via text messages, and ultimately access...
Grab your Microsoft, Adobe, SAP, Intel, and VMware fixes now The four problems with the US government's latest rulebook on security bug disclosures
Patch Tuesday In the first Patch Tuesday of the year, Microsoft finds itself joined by Adobe, Intel, VMware, and SAP in dropping scheduled security updates. This month's Microsoft security fixes include three more remote-code-execution vulnerabilities in Redmond's Windows Remote Desktop Protocol software. Two of the flaws (CVE-2020-0609, CVE-2020-0610) are present on the server side in RD Gateway – requiring no authentication – while a third (CVE-2020-0611) is found on the client side. Dusti...
Vulmon