banner1
banner2

HOME
Breaking News

Microsoft warns of critical RDP client flaw enabling remote code execution

by VARINDIA 2025-07-11
Microsoft warns of critical RDP client flaw enabling remote code execution

Although no active exploits or public disclosures have emerged yet, Microsoft urges users and IT teams to apply available patches immediately, emphasizing the urgent need to secure systems before any potential widespread attacks materialize

 

 

Microsoft has revealed a significant security vulnerability in its Remote Desktop Client that could allow remote attackers to execute arbitrary code on affected systems. Identified as CVE-2025-48817, the flaw has been rated “Important” with a CVSS base score of 8.8, posing a major risk for organizations using Remote Desktop Protocol (RDP) for remote access.

The vulnerability combines relative path traversal (CWE-23) with improper access control (CWE-284) in the Remote Desktop Client infrastructure. It allows a malicious actor operating a rogue RDP server to exploit a connected client device. Crucially, the exploit requires no elevated privileges, but it does require user interaction, such as initiating a connection to the attacker-controlled server.

In practical terms, the attack enables threat actors to reverse the usual client-server security trust model. When an administrative user connects to a malicious RDP server, the vulnerability allows the attacker to escape from intended directory constraints and execute remote code on the user's system, potentially with elevated privileges. The impact spans confidentiality, integrity, and availability, making this a high-risk threat in enterprise environments.

Patches issued, urgent action advised

Microsoft has issued patches to mitigate the vulnerability across a wide range of Windows versions. These include both legacy platforms—like Windows 7 and Windows Server 2008—as well as current editions such as Windows 11 24H2 and Windows Server 2022. The Remote Desktop Client has been updated to version 1.2.6353.0 for Windows Desktop, and to version 2.0.559.0 for the Windows App. Key security updates such as KB5062553 and KB5062552 are now available for deployment.

The CVSS vector string—CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H—indicates that the attack can be conducted over a network with low complexity, further amplifying its risk.

While no active exploitation has been observed yet and no public disclosure of exploit code exists, Microsoft urges all users and IT teams to prioritize patching. The current availability of a patch offers a critical window to secure systems before any potential mass exploitation occurs in the wild.

er

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Sophos announces its new ATC in Mumbai with SATCOM Infotech

Sophos announces its new ATC in Mumbai with SATCOM Infotech

Barracuda introduces Entra ID Backup Premium to protect Identity Data External Inbox

Barracuda introduces Entra ID Backup Premium to protect Identity Data External Inbox

Calculus partners with Seceon to deliver next-gen cybersecurity services worldwide

Calculus partners with Seceon to deliver next-gen cybersecurity services worldwide

SOFTWARE
View All
GoDaddy’s Airo solution helping Indian entrepreneurs save time

GoDaddy’s Airo solution helping Indian entrepreneurs save time

Red Hat announces Red Hat Enterprise Linux for Business Developers

Red Hat announces Red Hat Enterprise Linux for Business Developers

Telegram announces Checklists, Suggested Posts and new monetization tools for Channels

Telegram announces Checklists, Suggested Posts and new monetization tools for Channels

START - UP
View All
OpenAI Acquires Jony Ive’s Startup io Products in $6.5 Billion Deal, Names Him Creative Head

OpenAI Acquires Jony Ive’s Startup io Products in $6.5 Billion Deal, Names Him Creative Head

MIPS and Cyient Semiconductor team up on custom RISC-V solutions

MIPS and Cyient Semiconductor team up on custom RISC-V solutions

Lenskart to Acquire Location AI Startup GeoIQ

Lenskart to Acquire Location AI Startup GeoIQ

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

wew
wrdf
Start-Up and Unicorn Ecosystem
AI Reliance:A Potential Threat to Cognitive Skills

AI Reliance:A Potential Threat to Cognitive Skills

High-Ranking U.S. Official's Password Leak Exposes Major Security Flaws

High-Ranking U.S. Official's Password Leak Exposes Major Security Flaws

Aflac Hit by Cyberattack: Sensitive Data Exposed, Action Taken Fast

Aflac Hit by Cyberattack: Sensitive Data Exposed, Action Taken Fast

Danger in Disguise: The Silent Rise of Hidden Cyber Threats

Danger in Disguise: The Silent Rise of Hidden Cyber Threats

E-Gaming Federation Strengthens India’s Skill-Based Gaming Sector

E-Gaming Federation Strengthens India’s Skill-Based Gaming Sector

Covasant Tech Merges with konaAI, DCube Data Sciences

Covasant Tech Merges with konaAI, DCube Data Sciences

Channeling Success: How Strategic Alliances Are Fueling Innovation and Scale

Channeling Success: How Strategic Alliances Are Fueling Innovation and Scale

Meesho open sources BharatMLStack, its Made-in-India ML platform

Meesho open sources BharatMLStack, its Made-in-India ML platform

The Complications of e-KYC in the Age of AI and Deepfakes

The Complications of e-KYC in the Age of AI and Deepfakes

Air India Ahmedabad Crash Triggers Widespread Flight Anxiety

Air India Ahmedabad Crash Triggers Widespread Flight Anxiety

dsf