Is RemoteApp vulnerable?
I came across a situation when the entered credentials are saved when working in RemoteApp in Windows 7 Professional x64, even if the option “Allow me to save credentials” is not activated in the settings of the Remote Desktop Connection application. This raises two questions:
The PC works in a workgroup, not in a domain, the settings in the group policy have not changed, the RDP version is 7.1, the shell version is 6.1.7601. Below is a sequence of actions that lead to this situation.
Thus, under certain conditions there is a possibility of circumventing the security of the OS “Windows 7 Professional” when working with “RemoteApp”.
- This situation is a result of OS vulnerabilities or incorrect security settings;
- if this is a vulnerability, is there a patch / update that fixes it, or if this is a problem in the settings, for example group policy, then what parameters need to be fixed.
The PC works in a workgroup, not in a domain, the settings in the group policy have not changed, the RDP version is 7.1, the shell version is 6.1.7601. Below is a sequence of actions that lead to this situation.
- In the settings of the remote desktop, we check that there is no tick next to the option “Allow me to save credentials”.
- Launch the “RemoteApp” application, the “Windows Security” dialog box appears.
- Enter the username and password, click “OK”, the application “RemoteApp” starts.
- When you restart the application, credentials are not requested.
- In order to reset the entered credentials when connecting to “RemoteApp”, you need to open the “Remote Desktop” application and click the “Connect” button. ".
- Launch the “RemoteApp” application, and the “Windows Security” window reappears.
Thus, under certain conditions there is a possibility of circumventing the security of the OS “Windows 7 Professional” when working with “RemoteApp”.
')
Source: https://habr.com/ru/post/281751/
All Articles