From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability can be classified as a logical remote code execution (RCE) vulnerability. It resembles a classic relay attack, but with a nice twist: It is related to RSA cryptography (and prime ... Read More