AnsweredAssumed Answered

CVE-2019-9510

Question asked by derekv on Jun 7, 2019

https://kb.cert.org/vuls/id/576688/

 

Most likely won't see a detection on this one since MS is claiming this is a feature/working as intended vs a bug...

 

Impacts Recent Win10 versions and WinSer 2019.

 

Thought I would share a workaround if you did wan't to protect yourself from it. Shared by a moderator on technet:

“You may Disable Automatic Reconnection on your RD Session Host server(s) to stop this behavior.  You can do this via group policy setting:

Computer Configuration\ Administrative Templates\ Windows Components\ Remote Desktop Services\ Remote Desktop Session Host\ Connections\

Automatic Reconnection = Disabled”

 

Source: https://social.technet.microsoft.com/Forums/windowsserver/en-US/1fd171de-a1b5-4721-86bf-082e4a375049/rds-2019-but-probably-other-versions-as-well-locked-rdp-session-logs-in-after-session-reconnect?forum=winserverTS

Outcomes