08 August 19, 17:42
(This post was last modified: 08 August 19, 17:43 by silversurfer.)
Quote:A vulnerability in Microsoft's Remote Desktop Protocol (RDP) can also be used to escape virtual machines running on Hyper-V, the virtualization technology in Azure and Windows 10.
The bug is a path traversal that leads to remote execution and was reported to Microsoft almost a year ago as affecting only RDP and remained unpatched until recently, when it was discovered that it impacts Microsoft's Hyper-V product.
Initially, Microsoft validated the finding but dismissed a fix motivating that it did "not meet our bar for servicing."
Eyal Itkin from Check Point published in February the technical details about the flaw as part of a larger research that covered multiple RDP vulnerabilities. His focus was on achieving a reverse RDP attack, where the server of a remote connection gains control over the client.
This was possible because two machines connected through RDP share the clipboard, which means that whatever is copied on the remote server can be pasted on the local client.
Read more here: https://www.bleepingcomputer.com/news/se...d-hyper-v/