Hacker demonstrates Remote Code Execution exploit for Windows Remote Desktop Gateway

A self-described "reverser/pwner [and] Windows kernel hacker" has demoed a working exploit for two recently discovered vulnerabilities in Windows Remote Desktop Gateway (RD Gateway). The exploit takes advantage of the CVE-2020-0609 and CVE-2020-0610 vulnerabilities which have already been shown to make a denial of service attack possible. Now Luca Marcelli has shown how the same vulnerabilities can be exploited in a Remote Code Execution attack. See also: Microsoft's suggested workaround for Internet Explorer vulnerability breaks printing Microsoft says it will release black desktop bug fix to all Windows 7 users for free Your Windows 7 desktop has turned black? Microsoft… [Continue Reading]