RDP Servers Can Hack Client Devices: Researchers
Check Point researchers have found a whopping 25 security flaws affecting popular Remote Desktop Protocol (RDP) software, 16 of which were labeled as “major”. RDP makes it possible to remotely operate devices on a network. RDP accounts are increasingly popular targets for cybercriminals, as obtaining access to one can give them extensive, remote control over a computer. For example, ransomware strains like SamSam and CrySiS/Dharma are distributed almost exclusively through compromised RDP accounts.
Some of the discovered vulnerabilities made it possible for a hacker operating an RDP server to break into a device running the RDP client application. The research focused on FreeRDP, rdesktop, and the default Windows implementation, Remote Desktop Connection. Most flaws affected rdesktop, while FreeRDP was found to be a little more secure. Remote Desktop Connection was the least vulnerable of the three, being impacted by only one weakness.