Microsoft recommends using supported Remote Desktop clients and exercising caution when opening RDCMan configuration files (.rdg). ![]() ![]() To exploit the vulnerability, an attacker could create an RDG file containing specially crafted XML content and convince an authenticated user to open the file.įAQ: Where do I find the update for Remote Desktop Connection Manager (RDCMan)?ĪNSWER: Microsoft is not planning on fixing this vulnerability in RDCMan and has deprecated the application. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. and I have them neatly defined in RDCManager by PROD, STAGE, TEST, DEV and by Application System.ĬVE-2020-0765 | Remote Desktop Connection Manager Information Disclosure VulnerabilityĪn information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. ![]() Due to vulnerability, Microsoft is deprecating RDCMan (LINK listed below)ĭoes anyone have a recommendation on a replacement RDCMan? I have over 200 SQL Servers (VM's & Physcial's) that I connect to. Another kickstarting blog post, getting into the swing of things again after a somewhat lacking period.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |