Windows Remote Assistance Vulnerability


An attacker can gain control of your system by offering access to their system.

Sharing is not caring when it comes to sharing remote access to your computer. It can be helpful in certain use cases, like troubleshooting, but the access must be revoked as soon as possible. Here, we are talking about ‘giving’ others access to your computer. What risks could be associated with someone giving you access to their computer? It turns out that could be equally dangerous.

There is a critical vulnerability in Microsoft’s Windows Remote Assistance tool that can be exploited by remote attackers to steal files from targeted systems. The feature is baked into Windows to ease the process of giving remote access to your system for IT support. All supported versions of Windows are affected by this vulnerability, including Windows 7, 8.1, RT 8.1 and Windows 10.

In a security advisory, Microsoft wrote, “To exploit this condition, an attacker would need to send a specially crafted Remote Assistance invitation file to a user. An attacker could then steal text files from known locations on the victim's machine, under the context of the user, or alternatively, steal text information from URLs accessible to the victim. The stolen information could be submitted as part of the URL in HTTP request(s) to the attacker. In all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action.”

Microsoft fixed the vulnerability in the recent patch, which means you must update your Windows machines immediately if you use the Remote Assistance tool.
