Microsoft Windows Remote Desktop Protocol Denial of Service Vulnerability

Last Update Date: 12 Mar 2015 Release Date: 11 Mar 2015 3717 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker creates multiple RDP sessions that fail to properly free objects in memory. Note that the denial of service would not allow an attacker to execute code or to elevate their user rights. However, it could prevent legitimate users from logging on through remote desktop. An unauthenticated attacker could use this vulnerability to exhaust the system memory by creating multiple RDP sessions. An attacker who successfully exploited the vulnerability could cause the target system to stop responding. The update addresses the vulnerability by correcting how RDP manages objects in memory.

Impact

  • Denial of Service

System / Technologies affected

  • Windows 7
  • Windows 8 and Windows 8.1
  • Windows Server 2012 and Windows Server 2012 R2
     

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Photo Decoder Component Information Disclosure Vulnerability

11 Mar 2015 3631 Views

Next

Microsoft Windows Schannel Security Feature Bypass Vulnerability

11 Mar 2015 3843 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY