Microsoft Remote Desktop Virtual Host CVE-2017-8714 Remote Code Execution Vulnerability

description-logoDescription

A remote code execution vulnerability exists in the VM Host Agent Service of Remote Desktop Virtual Host role when it fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could issue a specially crafted certificate on the guest operating system that could cause the VM host agent service on the host operating system to execute arbitrary code. The Remote Desktop Virtual Host role is not enabled by default.

affected-products-logoAffected Applications

Windows 10
Windows 8
Windows Server 2012
Windows Server 2016

CVE References

CVE-2017-8714