Windows Remote Desktop Client vulnerability could allow remote code execution

Windows Remote Desktop Client vulnerability could allow remote code execution

A  vulnerability in Microsoft Remote Desktop ActiveX Control could upon successful exploitation, allow an attacker to execute code and take control of an affected system.

Detailed Description:

Microsoft has released a security update to address a vulnerability in the Remote Desktop ActiveX control (mstscax.dll). The vulnerability was caused by a memory corruption condition that arises when attempting to access a deleted object in memory. Upon successful exploitation, an attacker could be able to execute code and take control of the affected system.

This issue has been fixed by introducing a modification in the way that Remote Desktop Client handles objects in memory. Users are recommended to install the latest update as a protection measure against possible exploit attempts.