Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

RDP Drive Redirection Information Disclosure Vulnerability in Microsoft Windows Volume Manager Drive

 

Systems Affected


Windows 8.1 for 32-bit and x64-bit Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)

Threat Level


High


Overview


Information disclosure vulnerability has been reported in Microsoft Windows, which could allow a remote attacker to gain access to the sensitive information on the targeted system.


Description


This Vulnerability exists in Microsoft Windows Volume Manager Driver due to incorrect mapping of the mounted USB disks with the session of the mounting user via Remote Desktop Protocol using Microsoft RemoteFX.

Successful Exploitation of this vulnerability could allow a remote attacker to gain access to the files and directory information of the mounted USB disk leading to disclosure of the sensitive information on the targeted system.


Impact



Solution/ Workarounds


Apply appropriate patches as mentioned in Microsoft Security Bulletin MS16-067


References


http://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2016-0135


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.