Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Microsoft has patched the critical vulnerability on Android Remote Desktop application
Not long ago, Microsoft released a security recommendation, which details the vulnerability that could cause data leakage, which previously only directly affected Windows Remote Desktop Protocol clients, But now has affected the Microsoft Remote Desktop application for Android operating system.
This vulnerability is currently monitored with CVE-2019-1108 identifiers, and dangerous ratings at the 'Important' level, but it is unclear why the security team has not yet assigned CVSS v3 scores. first.
- Leaked the Stable version of Microsoft Edge browser using Chromium kernel, invited to download and experience
The vulnerability is currently monitored with the CVE-2019-1108 identifier
Microsoft has revealed details about the vulnerability and almost immediately released a patch with Patch Tuesday update July 2019, along with a patch of 77 other vulnerabilities, 15 of which are classified at 'Critical'.
The potential for exploits is wide
'Information leak vulnerabilities exist when Windows RDP clients reveal incorrect content in its memory. The attacker could completely exploit this vulnerability, and if successful, they could hold the amount of information needed to deploy even more complex attacks on the victim's system, maybe even Take control of the system ', Microsoft's security recommendation stated.
To be able to successfully exploit this CVE-2019-1108 vulnerability, attackers will have to run a specially crafted application on devices that have not received the patch from Microsoft, after successfully setting up. Remote connection with the target system.
- Windows 10 Update again failed, unable to install the update, automatically reboot
Microsoft solved the flaw by revising the way the RDP client initializes memory, thereby eliminating the uninitialized memory leak for attackers - a factor that helps hackers successfully exploit. gap.
The Microsoft emulator analysis showed that the exploit code could be created by an attacker completely consistent with the vulnerability characteristics. Furthermore, Microsoft has just gathered a limited number of necessary information about successful exploits for these vulnerabilities reported. This will make the CVE-2019-1108 an attractive target for attackers, and therefore, it is likely that actual exploits methods have also been created. Therefore, users of Android Remote Desktop service should update their Windows to the latest version to minimize any possible risks.
- More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities
Android Remote Desktop users should update their application to the latest version
Measures to minimize the impact from vulnerabilities
Microsoft recommends that all Android customers who have installed Microsoft Remote Desktop Android on their device install the latest security updates to be fully protected from future attacks.
- Windows Defender is one of the best antivirus applications in the world
Microsoft Remote Desktop for Android
In addition, users can also update their Microsoft Remote Desktop Android application to minimize the impact of this security vulnerability. The update process is as follows:
- Click on the Google Play icon on your main screen to access the app store.
- Swipe in from the left edge of the screen.
- Click My apps & games.
- Click the Update dialog box that appears next to the Remote Desktop application.
Microsoft Remote Desktop application on Play Store
Micah SotoYou should read it
- Instructions for activating and using Remote Desktop on Windows 10 computers
- How to enable and use Remote Desktop on Windows 11
- Microsoft warns of Windows BlueKeep attacks
- How to Hear Audio from the Remote PC when Using Remote Desktop
- Troubleshoot Remote Desktop problems
- Instructions to change the Remote Desktop port
- The difference between Remote Desktop (RDP) and VPN
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
May be interested
- New vulnerability in Mozilla Firefox allows third parties to access a saved password store
recently, mozilla has released version 68.0.2 for firefox to patch a serious vulnerability that allows third parties to access and copy the password store that you have stored in your browser. - VLC Media Player 3.0.8 was officially released with 13 security fixesvideolan has just launched vlc media player 3.0.8 and now this update is available for download for popular operating systems like windows, mac and linux.
- Detection of security vulnerabilities affects all Bluetooth versionsbluetooth is a connection technology that has been around for decades and is probably no stranger to every technology user.
- Many serious security holes are found in GitLabin the last week, gitlab has released a variety of unusual updates to thoroughly address some of the key security holes found on the platform.
- What is malware analysis? How are the steps taken?what is malware analysis? in what situations do we need to conduct malware analysis? how is the malware analysis process implemented?
- Discover the new malicious code, automatically record the victim's screen when they watch 'adult movies'yes, a finding may shock the global fa world.
Attack the network
Instructions for using Chrome Remote Desktop application on Android- Leaks information about Microsoft's new Remote Desktop application
- Microsoft Remote Desktop for iOS updates support mouse and trackpad
- Microsoft patched a critical vulnerability in Windows
- The NSA issued an urgent warning about a critical vulnerability appearing in Windows servers
Instructions for using Chrome Remote Desktop application on Android
Leaks information about Microsoft's new Remote Desktop application
Microsoft Remote Desktop for iOS updates support mouse and trackpad
Microsoft patched a critical vulnerability in Windows
The NSA issued an urgent warning about a critical vulnerability appearing in Windows servers