Dome9 Security Addresses Widespread Microsoft RDP Cloud Server Vulnerability

Employed across millions of cloud and virtual private servers, RDP is a widely used service to control remote Windows servers. The recently announced vulnerability allows hackers to gain full access of any Windows server running RDP and execute remote code without needing any authentication to the server. The exploit affects all versions of Windows Server for any public, private, or hybrid cloud, as then as traditional datacenters, however Windows cloud servers are at the greatest risk because most have public-facing, open RDP ports that are not protected by a corporate perimeter.

"Hacker kits are already available for download that make it easy to identify and exploit this vulnerability on any Windows cloud server," said Roy Feintuch, Dome9 CTO and Co-Founder. "And, in spite of the newly released patch, it will take months -- otherwise years -- for every cloud server to be updated, creating a huge window of exposure for attackers. Dome9 provides a strategic solution to recurring vulnerabilities just as this, giving cloud users a long-term security solution that virtually eliminates the risk from vulnerabilities in the OS and application layers."

In addition to addressing this RDP vulnerability, Dome9 eliminates the risk from future, but undiscovered vulnerabilities, and ends the continuous cycle of find and fix fire drills. Instead of keeping RDP and other service ports open publically on cloud servers, Dome9's cloud security service enables cloud users to close them, by default, and get secure, on-demand access. Dome9 ensures only authorized users can get to the secured resources they need, and any vulnerabilities from the OS and/or applications are virtually irrelevant because they are never exposed to the outside world. Dome9 has two offerings: The new, free Dome9 Lite Cloud, which provides centralized firewall management for an unlimited number of servers and clouds in virtual private, cloud, collocated, and hosted environments; and the pay-as-you-go Dome9 Business Cloud, which adds advanced policy automation.

Dome9 Security is the only cloud security service to automate cloud firewall management for public and private clouds, as then as for dedicated and Virtual Private Servers, across all platforms. Dome9 closes a critical gap in today's cloud computing server security -- ports just as SSH, RDP, and MYSQL left open so administrators can connect to and manage their cloud servers. This common practice leaves servers vulnerable to hackers who need only guess the correct username and password or exploit any protocol vulnerability to gain unauthorized control of a server. Dome9 secures all administrative ports -- for all servers and clouds -- enabling secure access, on-demand. Its key research is the ability to provide secure access leasing -- dynamically generated, time-based secure access to cloud servers -- which enables clients to close all server administrative ports by default.