CyberSecurityBoard
Sponsor Register Login

Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network

These Remote Desktop vulnerabilities were among 72 flaws addressed in Microsoft’s May Patch Tuesday, which also fixed five actively exploited zero-day vulnerabilities, including issues in Windows DWM Core Library, Windows Common Log File System Driver, and Windows Ancillary Function Driver for WinSock. Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. “In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution on the RDP client machine when a victim connects to the attacker’s server with the vulnerable Remote Desktop Client,” Microsoft explained in its security advisory. CVE-2025-29966 and CVE-2025-29967 both involve heap-based buffer overflow vulnerabilities in the Remote Desktop Client and Gateway Service, respectively, allowing unauthorized attackers to execute arbitrary code over a network. “Although these particular vulnerabilities haven’t been exploited yet, similar Remote Desktop flaws have been prime targets for attackers in the past,” said a cybersecurity researcher familiar with the matter. For systems that cannot be immediately patched, experts suggest limiting Remote Desktop connections to trusted servers only and implementing additional network security measures to restrict potential attack vectors. Among the 72 flaws fixed in this month’s security update, two critical Remote Desktop vulnerabilities stand out as particularly concerning. The vulnerabilities impact multiple versions of Windows operating systems that utilize Remote Desktop services. The vulnerability could be exploited when users connect to malicious Remote Desktop servers, putting client machines at risk of complete system compromise. The May 2025 security updates are available through Windows Update, Windows Server Update Services (WSUS), and the Microsoft Update Catalog.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 14 May 2025 03:10:05 +0000


Cyber News related to Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network

The Virtual Desktop Revolution: Redefining Work an - A virtual desktop, also referred to as a virtual desktop infrastructure, is a virtualized computing environment that enables users to remotely access and control their desktops from any device with an internet connection. A user who logs in is given ...
1 year ago Feeds.dzone.com
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network - These Remote Desktop vulnerabilities were among 72 flaws addressed in Microsoft’s May Patch Tuesday, which also fixed five actively exploited zero-day vulnerabilities, including issues in Windows DWM Core Library, Windows Common Log File System ...
2 months ago Cybersecuritynews.com CVE-2025-29966
15 Best Bandwidth Monitoring Tools in 2025 - By providing real-time data on network usage, bandwidth monitoring tools enable proactive management and quick resolution of issues that could impact network performance. It provides real-time monitoring of network performance, traffic analysis, and ...
2 weeks ago Cybersecuritynews.com
Windows 10 Extended Security Updates Promised for Small Businesses and Home Users - Already common for enterprises, for the first time, individuals will also get the option to pay for extended security updates for a Windows operating system that's out of support. Windows 10 will stop getting free updates, including security fixes, ...
1 year ago Techrepublic.com
Network Protection: How to Secure a Network - Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Best practices for network security directly counter the major threats to the network with ...
1 year ago Esecurityplanet.com
Why Use a VLAN? Unveiling the Benefits of Virtual LANs in Network Security - Virtual Local Area Networks, or VLANs, serve as a critical computing technology designed for effective network traffic management. How VLANs function within a network environment revolves around effectively managing and directing network traffic. ...
1 year ago Securityboulevard.com
Zoom Mobile & Desktop App Flaw Let Attackers Escalate Privileges - The popular video conferencing software Zoom has security issues with its desktop and mobile apps that could allow for privilege escalation. An attacker may be able to obtain elevated privileges within the application or the operating system by ...
1 year ago Cybersecuritynews.com CVE-2023-43583 CVE-2023-43585 CVE-2023-43586 CVE-2023-36540 CVE-2023-36541 CVE-2023-36534 CVE-2023-39216 CVE-2023-39213
Google Threat Intelligence Launches Actionable Technique To Hunt for Malicious .Desktop Files - xfce_desktop_window” (behavior_processes:” ; or (behavior_processes:”http” behavior_processes:”.pdf”))Expands detection by combining XFCE environment detection with behaviors involving Google Drive or other ...
2 months ago Cybersecuritynews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Windows 11 January 2025 Preview Update Disconnects Remote Desktop Sessions - Microsoft’s January 2025 Windows preview update (KB5050094) for Windows 11 version 24H2 has caused significant issues with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS). The policy, named “Windows 11 24H2 ...
4 months ago Cybersecuritynews.com
Windows 11 to let admins mandate SMB encryption for outbound connections - Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel. SMB encryption provides data end-to-end encryption and ...
1 year ago Bleepingcomputer.com
Microsoft fixes Remote Desktop issues caused by Windows updates - "After installing the January 2025 Windows preview update (KB5050094) and later updates, users might experience unexpected disconnections with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS)," the company said in a ...
4 months ago Bleepingcomputer.com
Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com
Microsoft to let Windows 10 home users buy Extended Security Updates - Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. After Windows 10 reaches the end of support on October ...
1 year ago Bleepingcomputer.com
Microsoft to let Windows 10 home users buy Extended Security Updates - Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. After Windows 10 reaches the end of support on October ...
1 year ago Bleepingcomputer.com
Top 19 Network Security Threats + Defenses for Each - Network security threats are technological risks that weaken the defenses of an enterprise network, endangering proprietary data, critical applications, and the entire IT infrastructure. There are seven major categories of network security issues ...
1 year ago Esecurityplanet.com
Microsoft: Recent Windows updates cause Remote Desktop issues - "After installing the January 2025 Windows preview update (KB5050094) and later updates, users might experience unexpected disconnections with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS)," the company said in a new ...
4 months ago Bleepingcomputer.com
5 Lessons Learned from Windows Remote Desktop Honeypot Report - Recently, the SANS Institute released their annual Windows Remote Desktop Honeypot Report, providing comprehensive insights into the nature of malicious activity in a Windows environment. In order to understand how your own Windows network can be ...
2 years ago Bleepingcomputer.com
CVE-2017-3180 - Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an ...
5 years ago
Windows Remote Desktop Service Vulnerability Let Attackers Execute Malicious Code - “An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary ...
3 months ago Cybersecuritynews.com CVE-2025-27480
10 Best Network as a Service for MSSP Providers - Network as a Service for Managed Security Service Providers offers a revolutionary way to provide networking and security services to clients. Network security leaders such as Perimeter81 offer Managed Service Provider partners a powerful, scalable, ...
1 year ago Cybersecuritynews.com
School Wi-Fi Security Guidelines - When choosing a strong Wi-Fi password for your school network, it is crucial to follow proper guidelines to ensure maximum security. School network security heavily relies on robust Wi-Fi encryption and effective wireless network protection measures. ...
1 year ago Securityzap.com
Microsoft No Longer Selling Windows 10 Licenses Redirects to Windows 11 Product Pages - Marking an end to an era, Microsoft is no longer directly selling Windows 10 product keys on their website, instead redirecting users to Windows 11 product pages. This month, Microsoft began displaying an alert on their Windows 10 Home and Pro ...
2 years ago Bleepingcomputer.com
Microsoft fixes Remote Desktop freezes caused by Windows updates - Today, Microsoft announced that a long-standing bug causing blue screen errors and installation issues on Windows Server 2025 systems with over 256 logical processors was resolved in updates released since the KB5046617 cumulative update issued ...
3 months ago Bleepingcomputer.com
Correct bad network behavior to bolster application experience - Legacy hardware-based applications existed happily in isolation, untethered from a network. Today, even the software running from personal hard drives relies on other applications across the network to perform. Many modern apps run off a remote ...
1 year ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)