The new year is just over a fortnight old. That’s plenty of time for an excess of cybersecurity issues to hit the news wire, including a major issue with Windows 10 and Server 2016 that was so severe it was found by the National Security Agency (NSA).
Multiple vulnerabilities found in Microsoft Remote Desktop Protocol (RDP)
Buried a bit behind the news of the NSA’s findings to Microsoft on issues with Windows 10 and Server 2016 were a handful of vulnerabilities that, in short, are a big deal.
Many organizations use Microsoft RDP to gain remote access into network computers, allowing individuals to work securely from any location. However, vulnerabilities in the RDP system have made things so easy for attackers that a bad egg could gain access to networks using RDP without even having to provide a login.
Imagine, someone, rooting around in your remote computer or network without so much as stealing your login credentials to gain access.
“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” said the Microsoft Security Response Center.
These vulnerabilities have the potential to have a long “shelf” life due mostly to the slow nature of patch installs on servers.