Zoidberg, “M”D

This may be one of the stupidest “it’s not a bug it’s a feature” security flaws, and for that there is a ton of competition!

#microsoft #windows #rdp #infosec #security #vulnerability #entra #remotedesktop https://infosec.exchange/@skipb/114429592332996087

Skip Barker :donor: (@skipb@infosec.exchange)

Ars Technica: Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/

Infosec Exchange
May 1 at 12:37amWeb