Windows Remote Desktop Gateway vulnerability

A vulnerability has recently been discovered in Windows Remote Desktop Gateway, which could leave you open to attacks. The vulnerability requires no user interaction and is pre-authentication. The attacker would be able to execute arbitrary code on your system. This means the attacker could install programs; view, change or delete data; or create new accounts with full user rights. An attacker only needs to send a specially crafted request to the correct service to exploit this vulnerability.

This vulnerability affects all Windows Server 2012 (or later) servers. Server Essentials 2012(R2) encourages and enables Remote Desktop Gateway usage by default, so it’s especially important to patch those.

While there are no known exploits using this vulnerability, it’s always better to be safe so we recommend applying the appropriate patch from this page quicker than you normally would.

Most Recent:

Random Pick:

Patch your PC urgently!

A new bug has been found in Outlook. If you read an email you can be automatically infected, you don’t have to do anything except read or preview the email.

Read More »