Security professionals allege RDP vulnerability
ccording to security professionals, it's possible for users of Microsoft's new RDP 6.0 client to bypass server-side security settings and successfully establish connections—even when their sessions haven't been authenticated.
"With Terminal server installed on Windows 2003 Server [sic] with current service packs and patches it is possible to bypass the server side setting that requires SSL with a self-signed cert," the Bugtraq contributor—an enterprise support specialist with a state government agency—wrote.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.