Windows Remote Desktop Lets Hackers Steal Data from your Device. Microsoft Windows Remote Desktop is One of the most important tools that help many us for a long time. Microsoft Remote Desktop Assistance it uses MS RDP (Remote Desktop Protocol) that will establish secure con between two trusted user. The Primary use of Microsoft Remote Desktop Assistance is Control your device anywhere in the world.
In this article “Windows Remote Desktop Lets Hackers Steal Data” we are going how to save your device remote exploit attack
Windows Remote Desktop Lets Hackers Steal Data
You have been war by the elder that “never let your door open to untrusted people for any reason” I Personal follow the Art of War quote “Never let your door open unguarded ” both for trusted and untrusted people.
A critical vulnerability has been discovered in Microsoft’s Windows Remote Assistance feature(Microsoft Windows RPC DCOM) that affects all versions of Windows to date, including Windows 10, 8.1, RT 8.1, and 7, and allows remote attackers to steal sensitive files on the targeted machine.
This exploits widespread usage as soon you are open the RPC DCOM exploits to penetrate the machine and create shell back door to the attacker.
Exploiting Windows Remote Desktop Lets Hackers Steal Data
The vulnerability was discovered by Nabeel Ahmed of Trend Micro Zero Day Initiative discovered and reported an information disclosure vulnerability (CVE-2018-0878) in Windows Remote Assistance that could allow attackers to obtain information to further compromise the victim’s system. The security breached already patch for this vulnerability is now, the researcher has finally released how this Windows Remote Desktop Lets Hackers Steal Data.
Steps Of Windows Remote Desktop Lets Hackers Steal Data
When setting up Windows Remote Assistance, the option gives you two options Invite someone to help you and Respond to someone who needs help.
Selecting the first option helps users generate an invitation file. ‘invitation.msrcincident,’ which contains XML data with a lot of parameters and values required for authentication.
This parser does not properly validate the content, as a result, attacker can simply send a specially modified payload (Remote Assistance invitation file) containing malicious code to the victim, tricking the targeted computer to submit the content of specific files from known locations to a remote server controlled by the attackers
Microsoft Explain: “The stolen information could be submitted as part of the URL in the HTTP request(s) to the attacker. In all cases, an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action,”
This exploit can trick user giving a thought that they are helping others with Remote Desktop Support but instead they become the victim and they don’t even notice data breach. Windows Remote Desktop Lets Hackers Steal Data exploit can be used by large scale phishing attack. Researcher warns this.
Activate McAfee Antivirus and Download Here – McAfee.com/activate
Source : https://www.techyuga.com