My Profile Photo

Bencey's Blog


Informing the world about the application of Technology.
If you are looking for Tier III Technologies click the button below


Post: Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions

The full article can be found Here

Key notes

A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP).

the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions.

According to Will Dormann, a vulnerability analyst at the CERT/CC, if a network anomaly triggers a temporary RDP disconnect while a client was already connected to the server but the login screen is locked, then “upon reconnection the RDP session will be restored to an unlocked state, regardless of how the remote system was left.”

“Two-factor authentication systems that integrate with the Windows login screen, such as Duo Security MFA, are also bypassed using this mechanism. Any login banners enforced by an organization will also be bypassed.”

A video recording of the exploit can be found Here

Bencey