Microsoft Windows RDP Information Disclosure Vulnerability

Last Update Date: 12 May 2016 Release Date: 11 May 2016 3236 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An information disclosure vulnerability exists in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol (RDP) via Microsoft RemoteFX is not correctly tied to the session of the mounting user. An attacker who successfully exploited this vulnerability could obtain access to file and directory information on the mounting user’s USB disk. This update addresses the vulnerability by ensuring that access to USB disks over RDP is correctly enforced to prevent non-mounting session access.

Impact

  • Information Disclosure

System / Technologies affected

  • Windows Server 2012, 2012 R2
  • Windows 8.1, RT 8.1

Solutions

在安裝軟體之前,請先瀏覽軟體供應商之網站,以獲得更多詳細資料。

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Hypervisor Security Feature Bypass Vulnerability

11 May 2016 3147 Views

Next

Adobe Acrobat and Reader Multiple Vulnerabilities

11 May 2016 3156 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY