Microsoft fixed vulnerability in RDP Client for Android

by Brendan Smith
August 23, 2019

Microsoft developers have updated the Android application for remote access to Windows, removing the vulnerability of RDP-connection (CVE-2019-1108) in RDP Client.

A software error allowed attackers to obtain system information suitable for the further development of the attack.

Earlier, a similar bug was closed in the Microsoft desktop RDP client – the patch was included in the July patch package. As experts explained, the problem lay in the incorrect processing of program memory, that explains why technical data fell into open access.

According to the developers, exploits based on vulnerability in RDP Client for Android may appear in the nearest future. To take advantage of the gap, attackers need to connect to the target machine and run third-party software on it.

“Earlier, we already saw how such bugs are used in cyberattacks. A detected gap is likely to arouse interest among attackers, so users should install the update as soon as possible”, – experts explain.

Microsoft experts also clarified that there are no other ways to protect against CVE-2019-1108.

Remote connection bugs have traditionally attracted the attention of cybercriminals. As a recent study showed, attacks on an insecure RDP host begin within a minute and a half after it is connected to the network. Experts recorded ten hacking attempts per minute; in 2012, the number of such incidents did not exceed two per hour.

Victims of attacks through a remote connection run the risk of getting a cryptographic malware on the computer, becoming a part of the botnet or losing their data.

Read also: Microsoft has fixed two new vulnerabilities that are similar to BlueKeep

The problem is exacerbated by software vulnerabilities that are constantly found in RDP systems and terminal access services. This type is the BlueKeep bug published in May, which threatens to execute third-party code with the ability to quickly scale attacks.

Later, Microsoft developers eliminated two similar vulnerabilities in their products that allowed sending unauthorized commands to Windows-based computers.

Mitigation measures

Microsoft advises all its Android customers who have Microsoft Remote Desktop for Android installed on their devices to install the latest security update to be fully protected from future attacks.

To update their Microsoft Remote Desktop for Android app to mitigate this security flaw, users have to go through the following procedure:

  1. Tap the Google Play icon on your home screen.
  2. Swipe in from the left edge of the screen.
  3. Tap My apps & games.
  4. Tap the Update box next to the Remote Desktop app.
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Brendan Smith

Cybersecurity analyst with 15+ years digging into malware and threats, from early days reverse-engineering trojans to leading incident responses for mid-sized firms.

At Gridinsoft, I handle peer-reviewed breakdowns of stuff like AsyncRAT ransomware—last year, my guides helped flag 200+ variants in real scans, cutting cleanup time by 40% for users. Outside, I write hands-on tutorials on howtofix.guide, like step-by-step takedowns of pop-up adware using Wireshark and custom scripts (one post on VT alternatives got 5k reads in a month).

Certified CISSP and CEH, I’ve run webinars for 300+ pros on AI-boosted stealers—always pushing for simple fixes that stick, because nobody has time for 50-page manuals. Tools of the trade: Splunk for hunting, Ansible for automation, and a healthy dose of coffee to outlast the night shifts.

View all posts

Leave a Reply

Sending