Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Microsoft has patched the critical vulnerability on Android Remote Desktop application
Not long ago, Microsoft released a security recommendation, which details the vulnerability that could cause data leakage, which previously only directly affected Windows Remote Desktop Protocol clients, But now has affected the Microsoft Remote Desktop application for Android operating system.
This vulnerability is currently monitored with CVE-2019-1108 identifiers, and dangerous ratings at the 'Important' level, but it is unclear why the security team has not yet assigned CVSS v3 scores. first.
- Leaked the Stable version of Microsoft Edge browser using Chromium kernel, invited to download and experience
The vulnerability is currently monitored with the CVE-2019-1108 identifier
Microsoft has revealed details about the vulnerability and almost immediately released a patch with Patch Tuesday update July 2019, along with a patch of 77 other vulnerabilities, 15 of which are classified at 'Critical'.
The potential for exploits is wide
'Information leak vulnerabilities exist when Windows RDP clients reveal incorrect content in its memory. The attacker could completely exploit this vulnerability, and if successful, they could hold the amount of information needed to deploy even more complex attacks on the victim's system, maybe even Take control of the system ', Microsoft's security recommendation stated.
To be able to successfully exploit this CVE-2019-1108 vulnerability, attackers will have to run a specially crafted application on devices that have not received the patch from Microsoft, after successfully setting up. Remote connection with the target system.
- Windows 10 Update again failed, unable to install the update, automatically reboot
Microsoft solved the flaw by revising the way the RDP client initializes memory, thereby eliminating the uninitialized memory leak for attackers - a factor that helps hackers successfully exploit. gap.
The Microsoft emulator analysis showed that the exploit code could be created by an attacker completely consistent with the vulnerability characteristics. Furthermore, Microsoft has just gathered a limited number of necessary information about successful exploits for these vulnerabilities reported. This will make the CVE-2019-1108 an attractive target for attackers, and therefore, it is likely that actual exploits methods have also been created. Therefore, users of Android Remote Desktop service should update their Windows to the latest version to minimize any possible risks.
- More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities
Android Remote Desktop users should update their application to the latest version
Measures to minimize the impact from vulnerabilities
Microsoft recommends that all Android customers who have installed Microsoft Remote Desktop Android on their device install the latest security updates to be fully protected from future attacks.
- Windows Defender is one of the best antivirus applications in the world
Microsoft Remote Desktop for Android
In addition, users can also update their Microsoft Remote Desktop Android application to minimize the impact of this security vulnerability. The update process is as follows:
- Click on the Google Play icon on your main screen to access the app store.
- Swipe in from the left edge of the screen.
- Click My apps & games.
- Click the Update dialog box that appears next to the Remote Desktop application.
Microsoft Remote Desktop application on Play Store
Micah SotoYou should read it
- Instructions for activating and using Remote Desktop on Windows 10 computers
- How to enable and use Remote Desktop on Windows 11
- Microsoft warns of Windows BlueKeep attacks
- How to Hear Audio from the Remote PC when Using Remote Desktop
- Troubleshoot Remote Desktop problems
- Instructions to change the Remote Desktop port
- The difference between Remote Desktop (RDP) and VPN
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
May be interested
- Microsoft has just patched a critical security hole in Windows 10 discovered in 2018
in patch tuesday released august 2020, microsoft patched a vulnerability that allowed hackers to turn msi files into java files that could spread malicious code on windows 10. and more importantly, malicious files. this harm retains the legal digital signature. - Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge itmicrosoft has just released security updates to fix a high-severity zero-day vulnerability in windows.
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windowsalthough microsoft releases patches for windows vulnerabilities on a monthly basis, there are still security issues that remain. recently, the us cybersecurity and infrastructure agency (cisa) reported a critical vulnerability in the windows print spooler system.
- 5 best remote desktop applications for Linux to access remote computersthe easiest way to control the remote computer is through the terminal, but you must enter the command for it. if you want to use a more advanced way, use one of the five best remote desktop applications for linux below.
- Microsoft sparks outrage by renaming Remote Desktop app on some platformsmac users recently noticed that microsoft placed a small banner inside the remote desktop app to warn about the upcoming rename.
- Zalo PC has a serious RCE error, you should be careful when receiving attachmentszalo pc's critical vulnerabilities have just been announced by the cyberjutsu security research team.
- How to Hear Audio from the Remote PC when Using Remote Desktopwindows remote desktop connection will play sound from the remote computer on the one you are using to access it by default.http://windows.microsoft.com/en-us/windows-vista/changing-remote-desktop-settings if you are having trouble you can...
- Microsoft patches vulnerability in Windows AppX Installer being used to spread Emotet malwaremicrosoft has patched a critical zero-day vulnerability in windows that is being exploited by cybercriminals to spread emotet malware.
- The difference between Remote Desktop (RDP) and VPNwhile people are constantly connecting to remote servers to browse the web, talk to friends, and play games, gaining uncontrolled access comes from one of two ways: remote desktop and virtual private network, also known as vpn.
- Microsoft silently patched the KRACK WPA2 security holewhile other vendors are trying to release an update to patch the krack attack vulnerability yesterday, microsoft quietly corrected the problem in a patch last tuesday.
Attack the network
- New vulnerability in Mozilla Firefox allows third parties to access a saved password store
- VLC Media Player 3.0.8 was officially released with 13 security fixes
- Detection of security vulnerabilities affects all Bluetooth versions
- Many serious security holes are found in GitLab
- What is malware analysis? How are the steps taken?
- Discover the new malicious code, automatically record the victim's screen when they watch 'adult movies'
New vulnerability in Mozilla Firefox allows third parties to access a saved password store
VLC Media Player 3.0.8 was officially released with 13 security fixes
Detection of security vulnerabilities affects all Bluetooth versions
Many serious security holes are found in GitLab
What is malware analysis? How are the steps taken?
Discover the new malicious code, automatically record the victim's screen when they watch 'adult movies'