- Security researcher Daniel Wade discovers a concerning behavior in Microsoft's RDP feature
- It allows old, revoked credentials to be used to log in
- Microsoft has confirmed it has no plans to change this
Security researcher Daniel Wade has discovered a behavior within Microsoft's Remote Desktop Protocol (RDP) that allows users to log in to machines using revoked passwords.
Wade's report warns, "This is not just a mistake. It is a breakdown of trust," reminding Microsoft that people change their passwords trusting that this "will cut off unauthorized access," which makes this feature completely contradictory. Wade warned that "millions of users, at home, in small businesses or in hybrid work setups, are unknowingly at risk."
Surprisingly, in its response, Microsoft said that this behavior is not a bug, but called it "a design decision to ensure that at least one user account always has the ability to log in, regardless of how long the system has been offline."
A feature, not a bug
Microsoft confirmed that the issue did not meet its definition of a security vulnerability, and that the company has no plans to change it.
According to Wade's report, there is also no clear way for end users to detect or fix the problem, and Azure, Defender and Entra ID do not raise any flag, leaving users exposed even if they are taking protective measures.
"This creates a silent, remote backdoor into any system where the password has been cached. Even if the attacker never had access to that system, Windows will still trust the password," says Wade.
Credential theft and data breaches are all too common, and compromised passwords are a serious risk for companies and users alike. Research has shown that attacks on password managers have skyrocketed, with attacks becoming more frequent and sophisticated.
This means that regular password rotation is an important facet of cybersecurity, and best practices in password hygiene center on revoking old, reused or compromised passwords, which makes this feature even more confusing and worrying.
Via Ars Technica