In the article "Win8 Remote Desktop vulnerability: privilege escalation using the QQ Pinyin pure version", the author used a "Remote Desktop input method loophole" to escalate privileges and so take control of a remote Windows 8 machine. What is the principle behind it?
While Remote Desktop is showing the login screen, no user has logged in yet, so every application opened at this stage runs with SYSTEM privileges. An application running as SYSTEM can carry out a great many operations without any elevation, and any other application it launches also runs as SYSTEM. This is why the author could add an administrator account directly with the net.exe command, whereas running that command under a user account would require elevation.
However, this is not a design vulnerability in Windows. The intrusion succeeded because this Windows 8 machine was configured extremely foolishly. It is like a bank that leaves the vault door unlocked and then blames the lock after the theft. What is insecure here is not the operating system but the user. Below we look at exactly which unsafe settings led to the machine being compromised.
Error 1: Using an insecure third-party input method as the default input method
Testing shows that if a third-party input method is not set as the default input method, these third-party input methods cannot be brought up on the login screen, and only the system's built-in keyboard can be used. The built-in keyboard simply cannot invoke a browser or anything else. Allowing an unsafe program to run on the login screen is already quite dangerous, because such programs all run with SYSTEM privileges without needing any elevation. If the program did not call a browser but directly called a malicious program from the network, there would be no remedy at all.
Error 2: Using insecure Remote Desktop authentication
A traditional Remote Desktop connection first opens the RDP session and then presents the login screen, which is what allowed the remote user in this example to directly reach a program on the login screen. Network Level Authentication (NLA) is a Remote Desktop mechanism that Microsoft introduced from Vista onward. Its principle is to open the RDP session only after the user has been authenticated locally, which avoids the remote computer having to send the entire login screen and can also, to a certain extent, prevent DDoS and similar attacks. This setting is enabled by default when Remote Desktop is configured on Win8, but for some unknown reason it was not enabled on the Win8 machine in this case, possibly so that older versions of the Remote Desktop client could connect smoothly.
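The two settings described under Error 1 and Error 2 can be checked on a machine with the following PowerShell audit, which is an added example and not part of the original article. It reads the standard RDP listener and policy registry values for NLA and lists the keyboard layouts preloaded for the login screen; the function name Get-RegValue is a helper made up for this example, and the layout listing is a starting point that may not show every installed input method.

```powershell
# Added audit example, not from the original article. Run from an elevated prompt.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}
$ts     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpTcp = "$ts\WinStations\RDP-Tcp"
$policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Error 2: is Network Level Authentication required? A Group Policy value,
# when present, takes precedence over the local listener setting.
$nlaPolicy = Get-RegValue $policy 'UserAuthentication'
$nlaLocal  = Get-RegValue $rdpTcp 'UserAuthentication'
$nla       = if ($null -ne $nlaPolicy) { $nlaPolicy } else { $nlaLocal }
$rdpOn     = (Get-RegValue $ts 'fDenyTSConnections') -eq 0

# Error 1: which input methods are preloaded for the login screen?
# The login screen uses the .DEFAULT profile; Substitutes maps a preload ID
# to the layout ID registered under Keyboard Layouts.
$kl      = 'Registry::HKEY_USERS\.DEFAULT\Keyboard Layout'
$klRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Keyboard Layouts'
$preload = Get-ItemProperty -Path "$kl\Preload" -ErrorAction SilentlyContinue
$layouts = @()
if ($null -ne $preload) {
    $layouts = $preload.PSObject.Properties |
        Where-Object { $_.Name -match '^\d+$' } |
        Sort-Object { [int]$_.Name } |
        ForEach-Object {
            $id  = [string]$_.Value
            $sub = Get-RegValue "$kl\Substitutes" $id
            if ($sub) { $id = $sub }
            [pscustomobject]@{
                Order   = [int]$_.Name
                Id      = $id
                Name    = Get-RegValue "$klRoot\$id" 'Layout Text'
                ImeFile = Get-RegValue "$klRoot\$id" 'Ime File'  # assumption: set only for IME entries
            }
        }
}
[pscustomobject]@{
    RdpEnabled  = $rdpOn
    NlaRequired = ($nla -eq 1)
    NlaSource   = if ($null -ne $nlaPolicy) { 'GroupPolicy' } else { 'Local' }
} | Format-List
$layouts | Format-Table -AutoSize
if ($rdpOn -and $nla -ne 1) { Write-Warning 'RDP is enabled without NLA: the login screen is shown before authentication.' }
if ($layouts | Where-Object { $_.ImeFile }) { Write-Warning 'An IME is preloaded for the login screen; confirm it is one you trust.' }
```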
All of this is really to remind everyone that the system's own security mechanisms are sufficient for the average person, but if you turn all of these mechanisms off, then there is really no difference in security between Win8 and XP. Some half-informed users turn off UAC, use the built-in Administrator account, and believe that third-party rogue security software is what real security looks like. Too young, too simple.
Note: It is not known when the QQ input method vulnerability was discovered, but it has already been fixed in the latest version, and so far no other new method of invoking the IE browser through the QQ input method has appeared. The QQ Pinyin development team did quite well here: no software is free of vulnerabilities, and software whose vulnerabilities are fixed as quickly as possible is secure software.