Hi Everyone,
A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.
This Flaw was discovered by researchers at Cybersecurity firm Preempt Security. This issue can be exploited by Man-in-the-middle attack with wifi or physical access to the network.
How to defend yourself?
- Recommended: To patch workstation and servers using available updates from the Microsoft.
- It would be better if the use of the privileged account is decreased. For more details click here