HA NOI — BKAV yesterday warned that a critical flaw in Remote Desktop Protocol (RDP) across supported versions of Windows is affecting about 32 per cent of the Viet Nam's Government web servers.
The vulnerability allows attackers to remotely execute a code on an unpatched system that is Remote Desktop enabled, the Ha Noi-based company said.
Microsoft's Remote Desktop Protocol, which is disabled by default on newer Windows installations, allows users to remotely connect to Windows' desktops or servers, and is widely used by enterprises.
Virus activity in Viet Nam in June Quantity
Number of computers infected 5,701,000
New virus 2,983
Internet security in Viet Nam in June Quantity
Number of websites hacked by domestic hackers 11
Number of websites hacked by foreign hackers 175
Most rampant viruses in June
Source : BKAV
Microsoft in March asked system administrators to apply its latest update as a "special priority" given the nature of the flaw, but about one-third of Government web servers in Viet Nam were still vulnerable, BKAV said.
According to the internet security firm, attackers may well develop a code similar to the Morto worm that appeared late last year.
Morto infected machines using RDP and allowed remote attackers to access the file systems of a Windows PC.
"The weak management of server security in governmental organisations is at an alarming level, which could also threaten national security," Nguyen Minh Duc, head of BKAV's internet security department, told Viet Nam News.
BKAV said it had sent warnings to administrators of 520 Government websites ending with.gov.vn. — VNS