Unpatched Bug Lets Attackers Bypass Windows Lock Screen On RDP Sessions

Filed under Security Alerts.

A security researcher today revealed details of a new, unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), the flaw exists when Microsoft Windows…

Windows 10 Could Break If Capability SIDs Are Removed From Permissions

Filed under Security Alerts.

Microsoft issued a warning yesterday stating that removing Windows account security identifiers (SIDs) that do not have a “friendly” name from security permissions could cause problems in Windows and installed applications. Starting with Windows 2012 and Windows 8, Microsoft introduced a new type of security identifier called capability SIDs that grants a Windows component or UWP app access to…