A security flaw that was discovered in Microsoft’s RDP has been found to impact another product of the tech giant. The flaw, uncovered by researcher Eyal Itkin of Check Point this year, also affects virtualization software Hyper-V and is a path traversal bug. It could lead to remote code execution(RCE) on the virtual machines connected to Hyper-V.
A proof-of-concept (PoC) exploit demonstrated by the researcher showed how a file delivered on the host connected to a malicious virtual machine could allow remote execution after a system reboot. The demonstration can be found here.
Key highlights
Post-breach detection
Microsoft stated that it worked with Itkin to devise solutions in order to detect attacks carried out through this flaw.
“While we worked on fixing the vulnerability, it was important for us to develop a post-breach detection in order to protect customers from attacks that might exploit the vulnerability. For this effort, we worked closely with Eyal, whose cooperation was critical to the development of these solutions,” said Microsoft.
Publisher