BetaNews: Critical vulnerability found in Windows Remote Desktop Protocol

BetaNews: Critical vulnerability found in Windows Remote Desktop Protocol. “Researchers at threat prevention specialist Preempt have discovered a flaw in Credential Security Support Provider protocol (CredSSP), which is used by Remote Desktop and WinRM in their authentication processes. An attacker with man-in-the-middle control over the session could use this to gain the ability to remotely run code on the compromised server masquerading as a legitimate user.”