Vulnerability Allow Attackers Bypass Windows Lock Screen On RDP Sessions Vulnerability Allows Attack
Noted as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop sessions. the flaw exists when Microsoft Windows Remote Desktop feature requires clients to authenticate with Network Level Authentication (NLA), a feature that Microsoft recently recommended as a workaround against the critical BlueKeep RDP vulnerability. if a network anomaly triggers a temporary RDP disconnect while a client was already connected to the server but the login screen is still locked, then reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left A targeted user connects to a Windows 10 or Server 2019 system via RDS.The user locks the remote session and leaves the client device unattended . At this point an attacker with access to the client device can interrupt its network connectivity and gain access to the remote system without needing any credentials. Two-factor authentication systems that integrate with the Windows login screen, such as Duo Security MFA, are also bypassed using this mechanism. Any login banners dobe by an organization will also be bypassed in this method The vulnerablity is not yet been patched.How ever users can protect themselves against exploiting this vulnerability by locking the local system instead of the remote system and by disconnecting the remote desktop sessions instead of just locking them.
Buy ASUS X507 Core i5 - 8th Gen 15.6" FHD Thin and Light Laptop (8GB/1TB HDD/Windows 10/2GB MX130/Icicle Gold/1.6 kg), X507UF- EJ101T from Amazon. Click here to buy - https://amzn.to/2ERjvWI