CredSSP vulnerability and ThinOS

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #46372
    skyjam
    Participant
    • Total Post: 11
    • Regular Joe
    • ★★

    According to this news entry (https://www.golem.de/news/sicherheitsluecke-microsoft-unterbindet-rdp-anfragen-von-ungepatchten-clients-1803-133522.html), there is a severe bug in MS RDP.

    MS has fixed it in March 2018 Patch Tuesday, but this will disable connections from old clients!!

    We’re still using C10LE devices with the latest available firmware 8.3 109

    Will I still be able to connect after applying the MS update?

    #46670
    skyjam
    Participant
    • Total Post: 11
    • Regular Joe
    • ★★

    *BUMP*

    This is a serious issue!! Any idea? C10LE devices cannot update to anything higher than 8.3.109…

    See https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0886

    There is also a new FreeRDP version because of this…

    #46679
    ConfGen
    Keymaster
    • Total Post: 10696
    • Jedi Master
    • ★★★★★★★

    ThinOS is not using any kind of Linux RDP client. The one ThinOS uses is based on the Windows RDP client.

    CG

    #46750
    4johnny
    Participant
    • Total Post: 18
    • Regular Joe
    • ★★

    I’ve wondered about this too.  However, it looks like it will be a registry switch on the server side to not allow older RDP clients.  So the registry switch can be disabled on the server side.

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.