A severe vulnerability in the CredSSP protocol that affects all Windows versions ever released was fixed in the latest Microsoft cybersecurity patch.
The flaw (CVE-2018-0886) can be exploited to run remote commands and gain control over Windows domain controllers, which would give hackers unrestricted access to other systems.
This vulnerability affects a protocol at the heart of RDP & WinRM
The Credential Security Support Provider (CredSSP) protocol is a Windows-specific mechanism that is used to securely forward authentication credentials between a client and a remote server in an internal network or domain.
CredSSP is a core component of the Remote Desktop Protocol (RDP) and the Windows Remote Management (WinRM) service; both can be exploited through this vulnerability.
A hacker can exploit the CredSSP vulnerability to run remote commands when users are trying to authenticate during RDP or WinRM sessions.
Installing a cybersecurity solution like an antivirus for Windows or antivirus for Mac, depending on which OS the device is running, is a must nowadays. Besides this, every company must hire a cybersecurity firm that will deliberately launch various attacks on the company's network to reveal its flaws. These deliberate attacks are carried out through specialized cybersecurity tests such as penetration tests and ethical hacking tests.
To take advantage of this vulnerability, the hacker needs to perform a man-in-the-middle (MitM) attack to intercept the victim’s traffic.
These days, performing a MitM attack is not a big problem anymore. Because many companies have weak cybersecurity solutions implemented, compromising internal networks to perform MitM attacks has become very easy.
IoT devices, KRACK, and ARP poisoning can and will help hackers to perform MitM attacks and take advantage of this vulnerability.
To reduce and eventually eliminate the risk of this kind of cybersecurity problem, practice good cybersecurity habits, update your apps and OSs to the latest versions available, and implement a robust cybersecurity solution.
The presence of antivirus for Windows or antivirus for Mac on every system, depending on which OS it is running, is a must. Also remember that tests like penetration tests and ethical hacking tests are now available for any company that wants to tighten its security, and if your business exists 100% online, we recommend the use of cyber-secured web hosting services.