- May 4, 2019
- 801
Remember the reverse RDP attack?
Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely.
(You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other third-party RDP clients, in a previous article written by Swati Khandelwal for The Hacker News.)
At the time when researchers responsibly reported this path-traversal issue to Microsoft, in October 2018, the company acknowledged the issue but decided not to address it.
Now, it turns out that Microsoft silently patched this vulnerability (CVE-2019-0887) just last month as part of its July Patch Tuesday updates after Eyal Itkin, security researcher at CheckPoint, found the same issue affecting Microsoft's Hyper-V technology as well.
Microsoft's Hyper-V is a virtualization technology that comes built-in with Windows operating system, enabling users to run multiple operating systems at the same time as virtual machines. Microsoft's Azure cloud service also uses Hyper-V for server virtualization.
Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely.
(You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other third-party RDP clients, in a previous article written by Swati Khandelwal for The Hacker News.)
At the time when researchers responsibly reported this path-traversal issue to Microsoft, in October 2018, the company acknowledged the issue but decided not to address it.
Now, it turns out that Microsoft silently patched this vulnerability (CVE-2019-0887) just last month as part of its July Patch Tuesday updates after Eyal Itkin, security researcher at CheckPoint, found the same issue affecting Microsoft's Hyper-V technology as well.
Microsoft's Hyper-V is a virtualization technology that comes built-in with Windows operating system, enabling users to run multiple operating systems at the same time as virtual machines. Microsoft's Azure cloud service also uses Hyper-V for server virtualization.
Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
Reverse RDP attack also affects Microsoft Hyper-V, allowing a malicious virtual machine to hack the host Windows OS, reversely.
thehackernews.com