{"id":75,"date":"2018-03-14T11:42:26","date_gmt":"2018-03-14T06:12:26","guid":{"rendered":"http:\/\/blogs.shydrate.com\/?p=75"},"modified":"2018-03-14T11:42:26","modified_gmt":"2018-03-14T06:12:26","slug":"credssp-flaw-in-remote-desktop-protocol-affects-all-versions-of-windows","status":"publish","type":"post","link":"https:\/\/blogs.shydrate.com\/index.php\/2018\/03\/14\/credssp-flaw-in-remote-desktop-protocol-affects-all-versions-of-windows\/","title":{"rendered":"CredSSP Flaw in Remote Desktop Protocol Affects all versions of windows"},"content":{"rendered":"<p>Hi Everyone,<\/p>\n<p>A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.<\/p>\n<p>This Flaw was discovered by researchers at\u00a0Cybersecurity firm Preempt Security. This issue can be exploited by Man-in-the-middle attack with wifi or physical access to the network.<\/p>\n<p><strong>How to defend yourself?<\/strong><\/p>\n<ol>\n<li>Recommended: To patch workstation and servers\u00a0using available updates from the Microsoft.<\/li>\n<li>It would be better if the use of the privileged account is decreased.\u00a0 For more details click <a href=\"https:\/\/thehackernews.com\/2018\/03\/credssp-rdp-exploit.html\">here<\/a><\/li>\n<\/ol>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>Hi Everyone, A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,7],"tags":[],"class_list":["post-75","post","type-post","status-publish","format-standard","hentry","category-security-breaches","category-security-trends"],"_links":{"self":[{"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/posts\/75","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/comments?post=75"}],"version-history":[{"count":1,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/posts\/75\/revisions"}],"predecessor-version":[{"id":76,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/posts\/75\/revisions\/76"}],"wp:attachment":[{"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/media?parent=75"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/categories?post=75"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.shydrate.com\/index.php\/wp-json\/wp\/v2\/tags?post=75"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}