Microsoft has patched the critical vulnerability on Android Remote Desktop application

Not long ago, Microsoft released a security recommendation, which details the vulnerability that could cause data leakage, which previously only directly affected Windows Remote Desktop Protocol clients, But now has affected the Microsoft Remote Desktop application for Android operating system.

This vulnerability is currently monitored with CVE-2019-1108 identifiers, and dangerous ratings at the 'Important' level, but it is unclear why the security team has not yet assigned CVSS v3 scores. first.

1. Leaked the Stable version of Microsoft Edge browser using Chromium kernel, invited to download and experience

Microsoft has patched the critical vulnerability on Android Remote Desktop application Picture 1 The vulnerability is currently monitored with the CVE-2019-1108 identifier

Microsoft has revealed details about the vulnerability and almost immediately released a patch with Patch Tuesday update July 2019, along with a patch of 77 other vulnerabilities, 15 of which are classified at 'Critical'.

The potential for exploits is wide

'Information leak vulnerabilities exist when Windows RDP clients reveal incorrect content in its memory. The attacker could completely exploit this vulnerability, and if successful, they could hold the amount of information needed to deploy even more complex attacks on the victim's system, maybe even Take control of the system ', Microsoft's security recommendation stated.

To be able to successfully exploit this CVE-2019-1108 vulnerability, attackers will have to run a specially crafted application on devices that have not received the patch from Microsoft, after successfully setting up. Remote connection with the target system.

1. Windows 10 Update again failed, unable to install the update, automatically reboot

Microsoft solved the flaw by revising the way the RDP client initializes memory, thereby eliminating the uninitialized memory leak for attackers - a factor that helps hackers successfully exploit. gap.

The Microsoft emulator analysis showed that the exploit code could be created by an attacker completely consistent with the vulnerability characteristics. Furthermore, Microsoft has just gathered a limited number of necessary information about successful exploits for these vulnerabilities reported. This will make the CVE-2019-1108 an attractive target for attackers, and therefore, it is likely that actual exploits methods have also been created. Therefore, users of Android Remote Desktop service should update their Windows to the latest version to minimize any possible risks.

1. More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities

Microsoft has patched the critical vulnerability on Android Remote Desktop application Picture 2 Android Remote Desktop users should update their application to the latest version

Measures to minimize the impact from vulnerabilities

Microsoft recommends that all Android customers who have installed Microsoft Remote Desktop Android on their device install the latest security updates to be fully protected from future attacks.

1. Windows Defender is one of the best antivirus applications in the world

Microsoft has patched the critical vulnerability on Android Remote Desktop application Picture 3 Microsoft Remote Desktop for Android

In addition, users can also update their Microsoft Remote Desktop Android application to minimize the impact of this security vulnerability. The update process is as follows:

1. Click on the Google Play icon on your main screen to access the app store.
2. Swipe in from the left edge of the screen.
3. Click My apps & games.
4. Click the Update dialog box that appears next to the Remote Desktop application.

Microsoft has patched the critical vulnerability on Android Remote Desktop application Picture 4 Microsoft Remote Desktop application on Play Store