Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows 10 shattered Remote Desktop's security defaults:The Register

  • Please log in to reply
No replies to this topic

#1 JohnC_21


  • Members
  • 22,093 posts
  • Gender:Male
  • Local time:11:32 PM

Posted 12 January 2016 - 06:09 PM

Microsoft has issued its January batch of security updates – including what will be the final round of patches for many versions of Internet Explorer.

The first Patch Tuesday monthly security release of the year includes fixes for 25 CVE-listed flaws in Windows, Internet Explorer, Edge, and Office. Among the patched bugs are remote code execution vulnerabilities, elevation of privilege holes, and a spoofing vulnerability.

Microsoft did not report any active exploits targeting the security vulnerabilities addressed in this month's patch bundle.

  • MS16-007 addresses six CVE-listed bugs, including a flaw in Remote Desktop Server on Windows 10 that would allow an attacker to remotely log into password-less accounts, which would normally be blocked. By default, Windows should prevent Remote Desktop access to password-less profiles, but somewhere along the line, Windows 10 started allowing access to unprotected accounts, which would have caught some IT admins with their pants down. Now Redmond has gone back to the usual default of blocking Remote Desktop to password-less users.



BC AdBot (Login to Remove)



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users