Microsoft Will Not Patch Security Bypass Flaw Found by Cymulate

A DLL side-loading vulnerability related to the Microsoft Terminal Services Client (MSTSC) can be exploited to bypass security controls, but Microsoft says it will not be releasing a patch due to exploitation requiring elevated privileges.

MSTSC is a piece of software designed to allow Windows users to connect to a remote computer via the Remote Desktop Protocol (RDP).

Researchers at Cymulate, a breach and attack simulation platform provider, discovered that the MSTSC application loads a DLL file, mstscax.dll, without verifying its integrity. This allows an attacker who can replace the legitimate DLL to bypass security controls such as AppLocker, which is designed to help users control which apps and files can be run.

Read the full article on SecurityWeek now.

READ MORE