Millions of computers around the world are vulnerable to Remote Desktop Protocol flaw

Microsoft released a security update in the middle of this month to fix security vulnerabilities in Remote Desktop Protocol. The industry predicts the potential damage caused by this vulnerability to be even larger than WannaCry ransomware, so it is necessary to fix this security vulnerability in time. It is also estimated that the potential harm is too great, so Microsoft has once again made an exception to provide patches for Windows XP, Vista and Windows Server 2003. The above version has long since stopped. In principle, Microsoft is not obligated to issue security updates, but Microsoft does not want to cause serious accidents due to this vulnerability.

Security researcher Graham builds scanning tools for detecting remote desktop protocols across the network. This time, Graham scanned the entire network. There are currently 7 million devices that have 3389 ports open, that is, all of these devices have the Remote Desktop Protocol enabled. Surprisingly, however, there are still millions of devices that open Remote Desktop Protocol but have not fixed the vulnerability, and these devices are vulnerable to this vulnerability. The attacker only needs to write a worm for this vulnerability to infect each other across millions of devices, and ultimately achieve full control of these devices.

At present, many researchers have already conducted research on this vulnerability, and some researchers have successfully found a way to exploit this high-risk vulnerability. It’s been two weeks since Microsoft released a security update, but there are still so many devices that don’t have updates installed. The potential harm is very high. Here, I also remind you to install the patch for Remote Desktop Protocol as soon as possible.