You might want to rethink enabling RDP unless you have NLA set up

March 14, 2012 - 12:36 PM |
Tagged:

Remote Desktop Protocol is a very handy tool, as the name suggests it allows you to take remote control of a desktop and is commonly used for everything from logging into a remote server to change settings to helping a long distance friend to get their printer installed to logging onto your home machine to start a Steam download and install so your game will be ready for you when you get home from work.  Unfortunately it does open up a way into your PC for attackers, though thanks to the Network Level Authentication feature which was added into Vista and later versions of Windows, PCs on an authenticated network are much safer than they would be without it.  Unfortunately NLA will not exist on home workgroups, nor is it supported by versions of Windows previous to Vista.  That is why The Register warns of a RDP vulnerability that Microsoft will be patching next patch Tuesday, as older machines as well as home machines could be at risk if someone launches an attack before the patch is released and installed.  For the mean time you might want to disable RDP unless you actually use it regularly.

rdp.png

"The critical flaw covers all versions of Windows and is found in the Remote Desktop Protocol (RDP). It allows attackers to run code remotely behind the firewall, although Vista users and above can activate the Remote Desktop’s Network Level Authentication (NLA) to trigger an authentication request. RDP is disabled by default, but is often activated."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register