Microsoft Remote Desktop Protocol Audit Security Bypass Vulnerabilities

Summary

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka ‘Remote Desktop Protocol (RDP) Failure to Audit Vulnerability.’

Credit:

The information has been provided by Microsoft.


Details

Vulnerable Systems:
 * Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1

Microsoft Remote Desktop Protocol (RDP) could allow a remote attacker to bypass security audit features, caused by a failure to log unsuccessful logon attempts.

CVE Information:
CVE-2014-6318

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 11/12/2014

Categories: Windows