Summary
This host is missing an important security update according to Microsoft advisory (2861855).
Impact
Successful exploitation will allow remote attackers to bypass the security.
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2861855
Insight
The flaw is due to security issue in Network-level Authentication (NLA) method in Remote Desktop Sessions.
Affected
Microsoft Windows 7 x32/x64 Service Pack 1 and prior Microsoft Windows Vista x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Microsoft Remote Desktop Protocol Security Advisory (2861855)
- Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)
- Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities
- MS Windows Help and Support Center Remote Code Execution Vulnerability
- Adobe Acrobat 9 PDF Document Encryption Weakness Vulnerability (Win)