Microsoft Windows Remote Desktop Protocol CVE-2016-0019 Security Bypass Vulnerability

Description

Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

Technologies Affected

• Microsoft Windows 10 for 32-bit Systems
• Microsoft Windows 10 for x64-based Systems
• Microsoft Windows 10 version 1511 for 32-bit Systems
• Microsoft Windows 10 version 1511 for x64-based Systems

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of a successful exploit, run server software with the least privileges required and in restricted environments while still maintaining functionality.

Updates are available. Please see the references or vendor advisory for more information.