Microsoft Windows Terminal Services Remote Security Restriction Bypass Vulnerability

Microsoft Windows Terminal Services Remote Security Restriction Bypass Vulnerability

Microsoft Windows Terminal Services is prone to a remote security-restriction bypass vulnerability because the server software fails to properly enforce encryption requirements.

Users can connect to affected servers; no encryption is required. Attackers can thus bypass security requirements configured by administrators and perform man-in-the-middle attacks or eavesdrop on RDP sessions.

This issue affects Terminal Services installed on Windows 2003 Server; other versions may also be affected.