Security News > 2020 > May > Reverse RDP attacks: How to protect your organization
A new report by cyber threat intelligence provider Check Point illustrates a specific type of attack known as Reverse RDP. In a blog post published Thursday, Check Point explained how a Reverse RDP attack works.
At Black Hat 2019, Check Point researchers revealed the Reverse RDP vulnerability, proving that a malware-infected remote computer could take over any client PC that connects to it.
In February 2020, Microsoft released a new patch to more effectively correct the Reverse RDP flaw.
Although the initial Reverse RDP flaw was eventually patched correctly, other programs that use the PathCchCanonicalize function are vulnerable to the same type of attack.
"The first part is that IT staff in large enterprises that use Windows should install Microsoft's February Patch, CVE-2020-0655, to make sure their RDP client is protected against the attack we've presented in BlackHat USA 2019. The second part is addressed to developers worldwide. Microsoft neglected to fix the vulnerability in their official API, and so all programs that were written according to Microsoft's best practices will still be vulnerable to a Path-Traversal attack. We want developers to be aware of this threat, so that they could go over their programs and manually apply a patch against it."
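
One way a developer could apply the manual check the quote calls for, as an added example (not code from Check Point, Microsoft or the original article): validate a peer-supplied relative path before joining it to a base directory, treating both `\` and `/` as separators instead of relying only on the canonicalization API. The function name `is_confined_relative_path` and the sample paths are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Windows file APIs accept both characters as separators, so the check must too. */
static bool is_sep(char c) { return c == '\\' || c == '/'; }

/* Hypothetical helper (not a Windows API). Returns true only when `name` is a
   relative path that cannot climb out of the directory it will be joined to. */
bool is_confined_relative_path(const char *name)
{
    if (name == NULL || name[0] == '\0') return false;
    if (is_sep(name[0])) return false;            /* rooted or UNC path */
    if (strchr(name, ':') != NULL) return false;  /* drive letter or stream name */

    for (const char *p = name; *p != '\0'; ) {
        const char *start = p;
        while (*p != '\0' && !is_sep(*p)) p++;
        size_t len = (size_t)(p - start);

        /* Win32 normalization can drop trailing dots and spaces, so treat any
           component made only of those (e.g. ".." or ".. ") as a parent reference. */
        size_t kept = len;
        while (kept > 0 && (start[kept - 1] == '.' || start[kept - 1] == ' ')) kept--;
        if (kept == 0 && len >= 2) return false;

        if (*p != '\0') p++;                      /* step over the separator */
    }
    return true;
}

int main(void)
{
    /* Constructed sample names, as a remote peer might supply them. */
    const char *samples[] = { "docs\\report.txt", "..\\up.txt", "docs/../../up.txt",
                              "C:\\Windows\\x.dll", "notes..txt" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s %s\n", samples[i],
               is_confined_relative_path(samples[i]) ? "accept" : "reject");
    return 0;
}
```

Run the check on the untrusted name itself, before it is concatenated with the destination directory, and reject on failure rather than attempting to repair the path.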