Summary
This host is missing an important security update according to Microsoft advisory (2861855).
Impact
Successful exploitation will allow remote attackers to bypass the security.
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2861855
Insight
The flaw is due to security issue in Network-level Authentication (NLA) method in Remote Desktop Sessions.
Affected
Microsoft Windows 7 x32/x64 Service Pack 1 and prior Microsoft Windows Vista x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Microsoft Windows win32k.sys Driver 'CreateDIBPalette()' BOF Vulnerability
- SMB Registry : XP Service Pack version
- Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
- Microsoft Windows ActiveX Control Multiple Vulnerabilities (2820197)
- Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities