MS15-082: Vulnerability in RDP Could Allow Remote Code Execution (3080348)
Medium Nessus Plugin ID 85332
SynopsisThe remote Windows host is affected by multiple vulnerabilities.
DescriptionThe remote Windows host is missing a security update. It is, therefore affected by the following vulnerabilities :
- A spoofing vulnerability exists due to the Remote Desktop Session Host (RDSH) not properly validating certificates during authentication. An man-in-the-middle attacker can exploit this to impersonate a client session by spoofing a TLS/SSL server via a certificate that appears valid. (CVE-2015-2472)
- A code execution vulnerability exists due to the Remote Desktop Protocol client not properly handling the loading of certain specially crafted DLL files. An attacker, by placing a malicious DLL in the user's current working directory and convincing the user to open a crafted RDP file, can exploit this issue to execute arbitrary code in the context of the user.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, 8.1, 2012, 2012 R2, RT, and RT 8.1.