Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35332: Windows Remote Desktop Protocol Security Feature Bypass

What security feature is bypassed with this vulnerability?

The RDP Gateway protocol is enforcing the usage of Datagram Transport Layer Security (DTLS) version 1.0, which is a deprecated (RFC 8996) protocol with known vulnerabilities. An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerability could compromise the confidentiality and integrity of data when the targeted user connects to a trusted server.

Microsoft Security Response Center
#vulnerability#mac#windows#ssl#Windows Remote Desktop#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability