Security News > 2018 > March > Dangerous CredSSP flaw opens door into corporate servers

A critical vulnerability in the Credential Security Support Provider protocol (CredSSP), introduced in Windows Vista and used in all Windows versions since then, can be exploited by MitM attackers to run code remotely on previously uninfected machines and servers in the attacked network. About CredSSP CredSSP provides single sign-on (SSO) and network level authentication for Remote Desktop Services, the Windows component that allows a user to take control of a remote computer or virtual machine … More → The post Dangerous CredSSP flaw opens door into corporate servers appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/NI-4b86AjJU/