News
MSFT security researcher’s insights on July Patch Tuesday
July 2023 by MSFT security
Today, Microsoft released software updates to fix a significant vulnerability in the Remote Desktop Gateway (RDP Gateway), tagged as CVE-2023-35332. This vulnerability is centered around the usage of outdated and deprecated protocols, including Datagram Transport Layer Security (DTLS) version 1.0, which presents substantial security and compliance risk to organizations.
Cyolo’s security team identified and disclosed this vulnerability to Microsoft, and I wanted to provide additional insight from Dor Dali, Head of Research at Cyolo:
• This vulnerability not only presents a substantial security risk but also a significant compliance issue. The use of deprecated and outdated security protocols, such as DTLS 1.0, may lead to non-compliance with industry standards and regulations - like SOC2, FEDRAMP, PCI, HIPAA, and others – incurring on potential legal disputes and hefty fines.
• In cases where an immediate update isn’t possible, an effective workaround is to disable UDP support in the RDP Gateway. This prevents the establishment of the secondary channel over UDP, eliminating the use of the deprecated DTLS 1.0 and thereby mitigating the vulnerability. A necessary step that could potentially impact performance, but that will ensure security and compliance until the server can be updated.
