Rapid7 Vulnerability & Exploit Database

MS14-074: Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)

Back to Search

MS14-074: Vulnerability in Remote Desktop Protocol Could Allow Security Feature Bypass (3003743)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
11/11/2014
Created
07/25/2018
Added
11/11/2014
Modified
03/23/2020

Description

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass when Remote Desktop Protocol (RDP) fails to properly log audit events. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Solution(s)

  • WINDOWS-HOTFIX-MS14-074-1211d5bc-357a-42f6-9dea-85ed4d16ab30
  • WINDOWS-HOTFIX-MS14-074-13d53908-c9fb-4a05-b3ab-d1a1c3ac031c
  • WINDOWS-HOTFIX-MS14-074-1783535f-1cb7-4fb6-94d7-4dac04f62890
  • WINDOWS-HOTFIX-MS14-074-5361ecdb-123c-412f-9453-fcd0bff6459d
  • WINDOWS-HOTFIX-MS14-074-59e143fb-f880-4273-912e-191f5f2215ca
  • WINDOWS-HOTFIX-MS14-074-5be518e9-d3e1-4e68-bcdb-f28d58dad6cc
  • WINDOWS-HOTFIX-MS14-074-6fef83ba-54ee-4bb1-bf68-1f4d5f04406b
  • WINDOWS-HOTFIX-MS14-074-7137bb5b-a994-44f8-b5fb-9028e5a9e412
  • WINDOWS-HOTFIX-MS14-074-a549da08-1794-4fef-8cf8-be06aaf467cb
  • WINDOWS-HOTFIX-MS14-074-b73e02b6-7a35-485b-a7ca-8be088fe5294
  • WINDOWS-HOTFIX-MS14-074-bed573a5-70a3-4a37-8ef7-15accb2a5b6a
  • WINDOWS-HOTFIX-MS14-074-bfe92101-2171-4cf3-9fe3-8f4b3021b24e
  • WINDOWS-HOTFIX-MS14-074-c61809f9-152a-4159-a39d-d688d7d19df6
  • WINDOWS-HOTFIX-MS14-074-c9ad1d07-3e80-43ba-b117-a4fdd1ea37fb
  • WINDOWS-HOTFIX-MS14-074-d3562cfc-4bcf-4472-854c-0f7f389ffe58
  • WINDOWS-HOTFIX-MS14-074-f74aa646-3cfe-4bbb-83ee-15ee4e74c020
  • WINDOWS-HOTFIX-MS14-074-f9cbb785-709d-4650-8cae-d137340f9eaf

References

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;