How to's, Security, Windows, Windows 10

Windows Remote Desktop Lets Hackers Steal Data

Windows Remote Desktop Lets Hackers Steal Data

Windows Remote Desktop Lets Hackers Steal Data from your Device. Microsoft Windows Remote Desktop is One of the most important tools that help many us for a long time. Microsoft Remote Desktop Assistance it uses MS RDP (Remote Desktop Protocol)  that will establish secure con between two trusted user. The Primary use of Microsoft Remote Desktop Assistance is Control your device anywhere in the world.

In this article “Windows Remote Desktop Lets Hackers Steal Data”  we are going how to save your device remote exploit attack

Windows Remote Desktop Lets Hackers Steal Data

You have been war by the elder that “never let your door open to untrusted people for any reason”  I Personal follow the Art of War quote “Never let your door open unguarded  ” both for trusted and untrusted people.

A critical vulnerability has been discovered in Microsoft’s Windows Remote Assistance feature(Microsoft Windows RPC DCOM) that affects all versions of Windows to date, including Windows 10, 8.1, RT 8.1, and 7, and allows remote attackers to steal sensitive files on the targeted machine.

This exploits widespread usage as soon you are open the RPC DCOM exploits to penetrate the machine and create shell back door to the attacker.

Exploiting  Windows Remote Desktop Lets Hackers Steal Data

The vulnerability was discovered by Nabeel Ahmed of Trend Micro Zero Day Initiative discovered and reported an information disclosure vulnerability (CVE-2018-0878) in Windows Remote Assistance that could allow attackers to obtain information to further compromise the victim’s system. The security breached already patch for this vulnerability is now, the researcher has finally released how this Windows Remote Desktop Lets Hackers Steal Data.

Steps Of Windows Remote Desktop Lets Hackers Steal Data

When setting up Windows Remote Assistance, the option gives you two options Invite someone to help you and Respond to someone who needs help.

Selecting the first option helps users generate an invitation file. ‘invitation.msrcincident,’ which contains XML data with a lot of parameters and values required for authentication.

Windows Remote Desktop Lets Hackers Steal DataThis parser does not properly validate the content, as a result, attacker can simply send a specially modified payload (Remote Assistance invitation file) containing malicious code to the victim, tricking the targeted computer to submit the content of specific files from known locations to a remote server controlled by the attackers

Microsoft Explain: “The stolen information could be submitted as part of the URL in the HTTP request(s) to the attacker. In all cases, an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action,”

 

This exploit can trick user giving a thought that they are helping others with Remote Desktop Support but instead they become the victim and they don’t even notice data breach. Windows Remote Desktop Lets Hackers Steal Data exploit can be used by large scale phishing attack. Researcher warns this.

Conclusion:

Microsoft already releases security patch so the best way to protect your device and data update your window OS with the latest update and regular update of antivirus and other security countermeasures.  The best way to secure your self never trusts anyone on Windows Remote Desktop. For Complete Security disinfected your device you consult with our Expert here

For More security tech tips&trick and windows error related article you can check our Blogs.

Do like Subscribe us  YouTube  For more tutorial and tech tips.  Until then Adios !!!

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *