Kaspersky warns that our PC may be in danger if we access it remotely using some VNC-based apps
A while ago we talked about Microsoft Remote Desktop, an application that has just been updated in the App Store and that allows access to our PC from an iPad or an iPhone. It is also available in the Google Play Store.
But it's not the only way to get remote access. Microsoft's may be the best-known option together with TeamViewer, and alongside them there is a multitude of options that, as we now know, can compromise the security of our equipment.
Trojan horse
VNC, an acronym for Virtual Network Computing, is an app that allows us to connect remotely to our computer, as we have seen with Microsoft Remote Desktop. Some of these apps, all based on VNC, are now in the eye of the storm according to the information provided by Kaspersky.
VNC is free software based on a client-server structure that allows remote access to a computer and lets us use it from another device. It is the basis of programs such as LibVNC, TightVNC 1.X, TurboVNC, UltraVNC and RealVNC, alternatives available for almost all operating systems on the market.
The problem is that everything we do remotely on the PC is transmitted over the network, and this includes keystrokes, mouse movements and more. If it is not well protected, this data may fall into the hands of potential cyber attackers.
Kaspersky has discovered that VNC-based programs contain serious security bugs in almost all servers, the server being the part of the application that we install on the PC. These vulnerabilities can cause anything from insignificant crashes to remote execution of malicious code without the user's knowledge.
To give us an idea of the magnitude, note that according to data from shodan.io, more than 600,000 VNC servers are available online, a number that grows significantly if we add the devices that are available on local networks.
According to Kaspersky's analysis, many of the security flaws discovered are still active and unpatched today, so it alerts users of VNC-based applications about the risk to their data.
The research studied some of the best-known applications, such as LibVNC (an open source cross-platform library for creating a custom application based on the RFB protocol), UltraVNC (a popular open source VNC implementation developed specifically for Windows), TightVNC 1.X (a more popular implementation of the RFB protocol) and TurboVNC (an open source VNC implementation).
Kaspersky concludes that these problems can at least be kept under control if we carry out a series of basic steps that limit the risk to our computers:
- Check which devices can connect remotely to the computer, blocking those that we do not consider safe and creating a whitelist.
- When we are not going to use the remote connection, disable VNC.
- Always have the latest version of this software installed, both on the client and on the server.
- Use a strong password.
- Do not use untrusted servers.
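
As an added illustration of the first two steps (this is not code from Kaspersky or from the original article), the following Python script audits the output of `ss -tan` on the machine that runs the VNC server. It flags VNC listeners reachable from other hosts and connected peers that are not on an allowlist. The port range 5900-5999 (the usual VNC default of 5900 plus display number), the allowlisted network and the sample socket lines are assumptions constructed for the example.

```python
import ipaddress

# Assumption: VNC servers listen on the usual default range, 5900 + display number.
VNC_PORTS = range(5900, 6000)
# Hypothetical allowlist of networks permitted to connect; adjust to your own devices.
ALLOWED = [ipaddress.ip_network("192.168.1.0/28")]

# Constructed sample in the column layout printed by `ss -tan`.
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      5      0.0.0.0:5900       0.0.0.0:*
LISTEN 0      128    127.0.0.1:5901     0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
ESTAB  0      0      192.168.1.10:5900  192.168.1.5:51234
ESTAB  0      0      192.168.1.10:5900  203.0.113.7:40112
ESTAB  0      0      192.168.1.10:22    203.0.113.7:40200
"""

def split_endpoint(endpoint):
    """Split 'host:port' (or '[v6]:port') into (host, port) strings."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port

def audit(text, allowed=ALLOWED):
    """Return (finding, detail) tuples for risky VNC sockets in ss output."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        state, local, peer = fields[0], fields[3], fields[4]
        lhost, lport = split_endpoint(local)
        if not lport.isdigit() or int(lport) not in VNC_PORTS:
            continue  # header line or a non-VNC socket
        if state == "LISTEN":
            # A wildcard or non-loopback bind is reachable from other hosts.
            wildcard = lhost in ("*", "0.0.0.0", "::")
            if wildcard or not ipaddress.ip_address(lhost).is_loopback:
                findings.append(("exposed-listener", local))
        elif state == "ESTAB":
            phost, _ = split_endpoint(peer)
            addr = ipaddress.ip_address(phost)
            if not any(addr in net for net in allowed):
                findings.append(("peer-not-allowlisted", phost))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An exposed listener that is not in use is a candidate for disabling, and a peer outside the allowlist is a candidate for a firewall block.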
Source | Kaspersky Via | Bleeping Computer Images | Blogtrepreneur, Christoph Scholz and QuartierLatin1968