PT-2016-1044 · Microsoft · Windows 10+1

Published: 2016-01-12 · Updated: 2018-10-30 · CVE-2016-0019

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Windows 10 versions Gold and 1511

Description

The issue is related to a security feature bypass in the Remote Desktop Protocol (RDP) service implementation, allowing remote attackers to bypass intended access restrictions. This can enable attackers to establish sessions for accounts with blank passwords via a modified RDP client. The vulnerability is caused by errors in security settings, which can be exploited by a remote attacker to bypass existing access restrictions or establish a connection for an account with a blank password.

Recommendations

For Microsoft Windows 10 versions Gold and 1511, consider disabling the RDP service until a patch is available to prevent remote logon to accounts with no passwords set. As a temporary workaround, restrict access to accounts with blank passwords to minimize the risk of exploitation. Avoid using blank passwords for accounts to prevent potential exploitation of this issue.

Fix

Weakness Enumeration

Related Identifiers

BDU:2016-00111
CVE-2016-0019

Affected Products

Windows 10
Windows