1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Leak outs Microsoft RDP vulnerability exploit

Discussion in 'Article Discussion' started by brumgrunt, 19 Mar 2012.

  1. brumgrunt

    brumgrunt What's a Dremel?

    Joined:
    16 Dec 2011
    Posts:
    1,009
    Likes Received:
    27
  2. Action_Parsnip

    Action_Parsnip What's a Dremel?

    Joined:
    3 Apr 2009
    Posts:
    720
    Likes Received:
    40
    "claims that the public proof-of-concept code contains the exact same packet he crafted in his submission to Microsoft. The implication: somebody at Microsoft or TippingPoint leaked the information to the bad guys."

    Or he leaked it....
     
  3. schmidtbag

    schmidtbag What's a Dremel?

    Joined:
    30 Jul 2010
    Posts:
    1,082
    Likes Received:
    10
    when i heard ms expecting 30 days to exploit the vulnerability the first thing i thought was "ms has no idea how oblivious they are to programmers who are much better than their own. i expect this will only take a few days" and as i kept reading i found out i was right.

    when windows 7 was first released, microsoft was acting all proud of this supposed new anti-piracy method (which still uses the same stupid randomly generated code that has been proven over and over again that it doesn't work) yet windows 7 was successfully pirated before it was even on the shelves. MS seriously needs to stop acting like their developers know best.
     
  4. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    710
    Actually Microsoft is correct.
    If you have your Windows set to allow connections only from computers running Remote Desktop with Network Level Authentication, than this issue doesn't affect you. If you selected the less secure one, to allow an XP or Windows 2000 machine to connect to your computer, NOW you should be worried. It took since 2001 all the way up to 2012 (now) to hack/find security hole in the XP Remote Desktop. That's pretty dam impressive, consider that XP security was a complete joke (in today's needs), and bombarded with security holes.
     
  5. John_T

    John_T Minimodder

    Joined:
    3 Aug 2009
    Posts:
    533
    Likes Received:
    23
    Why on earth would he leak it? He found/developed the thing in the first place. If he wanted to use it himself, he'd have used it himself. Secretly. No-one would have know it was him, no-one would have known the exploit existed and so no-one would have been prepared to defend against it.
     
Tags: Add Tags

Share This Page