Valentino Ricotta

**Name of the Vulnerable Software and Affected Versions** Microsoft Remote Desktop Client (affected versions not specified) **Description** The vulnerability is related to incorrect code generation management in the Remote Desktop Client component of the Windows operating system. It allows remote attackers to execute arbitrary code by using a specially crafted request. This can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Remote Desktop Protocol Client (affected versions not specified) **Description** The vulnerability is related to a lack of protection for service data in the Windows operating system's Remote Desktop Protocol Client. It may allow a remote attacker to gain unauthorized access to protected information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeRDP versions prior to 2.4.0 **Description** The issue is related to missing input checks for a FILECONTENTS RANGE File Contents Request PDU in the wf cliprdr server file contents request function in client/Windows/wf cliprdr.c. This affects FreeRDP on Windows. **Recommendations** For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `wf cliprdr server file contents request` function until a patch is available.