Esteemaudit Could be worst threat – A Windows 2003 RDP Zero Day Exploit

As per Fortinet Team Analysis, Esteemaudit is a Remote Desktop Protocol (RDP) exploit that targets Microsoft Windows Server 2003 / Windows XP. By exploiting this vulnerability, a threat actor can target a remote RDP Service and eventually take control of the compromised system.

    • In terms of global attack surface , windows XP shares 7.04% coverage of OS used worldwide.
    • As per global market research approximately 18% of Orgs uses Windows 2003 server which means more than 600,000 web-facing computers are still hosting millions of websites are at risk.
    • As per Shodan analysis , till today there are 2288 servers still using windows 2003 operating systems which are vulnerable to be attacked by this exploit.

  • There are many malware in the wild that already infects systems using as attack vector the RDP protocol, (CrySiS, Dharma, and SamSam), the EsteemAudit exploit can potentially make these threats very aggressive and dangerous
  • As on 24th May 17, enSilo has issued a patch that protects these vulnerable users from Windows ESTEEMAUDIT Exploit.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: