Number19
May 14, 2003

HOCKEY OWNS
FUCK YEAH


Wiggly Wayne DDS posted:

been a while since the last pre-auth rdp rce

CVSS3 Base 9.8 score, pre-authentication, wormable attack against RDP:

quote:

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system's Remote Desktop Service via RDP.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

lol


Number19

BangersInMyKnickers posted:

yeah but it will also accept legacy RDP. I think you need to screw with GPOs to make it not accept them

you do have to force NLA-only mode via gpo/registry. i have that set but patched it anyways because why not

Number19

also this affects winxp/server 2003 and it's so bad they are pushing legacy patches for those out of support platforms. there's going to be a ton of servers out there that still accept pre-NLA RDP so yeah this could get ugly

Number19

BangersInMyKnickers posted:

Yeah I think that's why it doesn't impact newer OSes, they stopped supporting legacy RDP auth because that's all old lovely XP/2003 could do but we're well past the end of their service life and MS is actually shutting off legacy protocols by default in their new releases

yeah, NLA is required on windows 8+/server 2012+ so they are safe. they should have switched it so you have to turn NLA explicitly off with an update for 7/2008r2 when xp/2003 went eol but that's microsoft :shrug:

Number19

let's add this bullshit to the pile today: https://cpu.fail/

all intel cpus since nehalem vulnerable to some degree of side channel attacks, some of which can only be mitigated fully by disabling hyperthreading entirely

yikes

Number19

pseudorandom name posted:

these are the "Lenovo microcode" CVEs we were talking about earlier

oh ok. there's been a lot of poo poo flying around today

Number19

BangersInMyKnickers posted:

the amd ones seem fine for now. probably something to do with having actual consideration for security implications in their architecture instead of blindly chasing IPC gains

it turns out that when you cheat and cut corners with your designs with the goal of improving speed at any cost you tend to create security vulnerabilities. i'm kind of laughing at the fact that the hardware fixes in the newest coffee lake processors seem to make at least meltdown easier, probably because intel rushed to fix the problem without really paying full attention to the implications of their fix

Number19

Lutha Mahtin posted:

is this true? or is it just coincidence that intel has been hit harder so far

amd had some exposure to spectre like everyone else did, but none of the other side-channel attacks seem to have affected them (or at least there is no proven exploit for AMD to date)


Number19

sounds like so long as you have NLA on those RDP vulnerabilities aren't wormable and thus you don't need to rush to patch them

if you somehow have NLA off in 2019 then wtf are you doing?
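The two posts that matter here for a defender are the earlier one ("you do have to force NLA-only mode via gpo/registry") and this last one ("if you somehow have NLA off"). The following is an added example, not code from the thread or from Microsoft, showing how to audit and pin that setting on a Windows 7 / Server 2008 R2 host. It reads the standard RDP-Tcp listener values and the policy value that the "Require user authentication for remote connections by using Network Level Authentication" GPO writes; it assumes the default listener name RDP-Tcp and an elevated PowerShell session. XP/2003 cannot do NLA at all, so for those the only fix is the out-of-band patch the thread mentions.

```powershell
# Added example (not from the thread). Audits and, via Enable-RdpNla, enforces
# NLA-only RDP on a Windows 7 / Server 2008 R2 host. Assumption: the listener
# is the default 'RDP-Tcp' WinStation. Run from an elevated prompt.

function Get-RdpNlaState {
    $listener = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $policy   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # Effective listener values: UserAuthentication 1 = NLA required.
    # SecurityLayer 0 = legacy RDP security, 1 = negotiate, 2 = TLS only.
    $ua = (Get-ItemProperty -Path $listener -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication
    $sl = (Get-ItemProperty -Path $listener -Name SecurityLayer -ErrorAction SilentlyContinue).SecurityLayer

    # Value written by the NLA GPO; absent means nothing pins the setting and a
    # local change (or an old image) can silently turn NLA back off.
    $pol = (Get-ItemProperty -Path $policy -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        NlaRequired      = ($ua -eq 1)
        SecurityLayer    = $sl
        PinnedByPolicy   = ($pol -eq 1)
        # This is the fleet-level question from the last post: a host that
        # still negotiates the legacy security layer is exposed pre-auth.
        AcceptsLegacyRdp = ($ua -ne 1 -or $sl -eq 0)
    }
}

function Enable-RdpNla {
    # Set it through the Terminal Services WMI provider so the running service
    # picks the change up without a reboot. SecurityLayer=2 refuses the legacy
    # RDP security layer outright instead of negotiating it.
    $ts = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
          -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
    [void]$ts.SetUserAuthenticationRequired(1)
    [void]$ts.SetSecurityLayer(2)
}

# Usage: audit first, run Enable-RdpNla where AcceptsLegacyRdp is True,
# then re-audit. Pinning it with the GPO is still needed so it stays that way.
Get-RdpNlaState | Format-List
```

The audit function is the part worth running across a fleet (for example through Invoke-Command): `AcceptsLegacyRdp` is True exactly for the hosts the thread is worried about, and `PinnedByPolicy` False tells you which ones only have NLA on by local accident rather than by policy.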
