The recent disclosure of a vulnerability in Microsoft Remote Desktop Client for Mac by Filippo Cavallarin, CEO at We are Segment, spread rapidly and caused a big stir internationally as well as among the clients of the Interlogica group.
In fact, numerous international headlines and social platforms focused on cyber security wrote about Filippo’s disclosure, making this a phenomenal discovery by Segment. Among them are The Register, Security Info and Reddit.
The disclosed vulnerability, a remote code execution in Microsoft Remote Desktop Client for Mac, centers on a weakness in the implementation of the RDP URL scheme, which enables remote access to local resources.
In the RDP URL scheme it is possible to specify a parameter that allows a malicious terminal server to read and write the user’s home directory without any interaction or knowledge on the user’s part.
The Register describes it in the following manner: “Microsoft has patched a code execution hole in its Mac remote desktop client that grants read and write to home directories if users do no more than click a link, says Italian security researcher Filippo Cavallarin.”
The importance of this disclosure generated such hype that news of it also spread rapidly among our clients, giving Segment and the entire group wider exposure.
Together with a proof of concept, We are Segment’s CEO also published a video, which you can find below, showing the process that gives an attacker the ability to read and write any file within the victim’s home directory.
The publication of the proof of concept created the urgency for Microsoft and Apple to solve the bug by providing system updates. Thanks to the collaboration between Segment’s hackers and the Microsoft Security team, the hole was patched in the second half of January.
We are Segment is part of the Interlogica group, offering numerous services, from consultancy to advanced technology training, in the cyber security sector.