In case you missed it, Windows patching is important! Considering Remote Desktop Protocol (RDP) is one of the most common methods of administration in a network and WinRM is right behind it, this is why it is important to patch/update and to properly secure the network from anyone gaining physical access!
According to The Hacker News, A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.
CredSSP protocol has been designed to be used by RDP (Remote Desktop Protocol) and Windows Remote Management (WinRM) that takes care of securely forwarding credentials encrypted from the Windows client to the target servers for remote authentication. When a client and server authenticate over RDP and WinRM connection protocols, a man-in-the-middle attacker can execute remote commands to compromise enterprise networks. Since RDP is the most popular application to perform remote logins and almost all enterprise customers are using RDP, it makes most networks vulnerable to this security issue.
As part of March 2018 Patch Tuesday, Microsoft has also released security patches for its other products, including Microsoft IE and Edge browser, Windows OS, Microsoft Office, PowerShell, Core ChakraCore, as well as Adobe Flash player.
Patching should be a way of life! It’s simple and easy. Get it done!
