Microsoft Revived RDCMan Service After Dumping it Due to a Bug

After dumping the service for having a security vulnerability, Microsoft has revived the RDCMan software in Windows OS.

The Remote Desktop Connection Manager (RDCMan) is used by system admins to securely connect to a remote computer, and manage things. This was abandoned last year since having a security vulnerability that can leak data in transit.

Windows RDCMan is Back

Last year in March, Microsoft announced to deprecate the Remote Desktop Connection Manager (RDCMan) service in Windows due to a security vulnerability it possessed and didn’t care to resolve it.

The vulnerability in RDCMan is about improperly parsing the “XML input containing a reference to an external entity” as Microsoft explained in its security advisory last year.

This allows an attacker who can exploit it successfully to “read arbitrary files via an XML external entity (XXE) declaration.”

Tracked as CVE-2020-0765, this vulnerability can let attackers trick the authenticated users into opening RDG files having maliciously crafted XML content in them.

And instead of solving it, Microsoft in whole deprecated the project and advised users to try the Windows built-in Remote Desktop Connection (%windir%\system32\mstsc.exe) or the universal Remote Desktop client.

But now, after a year and a half, the company’s Azure CTO Mark Russinovich said it’s reviving the RDCMan service once again. This is being added to the Sysinternals earlier this year and is now open for usage.

RDCMan is now revived with v2.8, with patching the vulnerability that Microsoft didn’t talk about in detail now. Yet, it clarified that it’s not the sole cause that made the company abandon the project.

The new RDCMan will now support Windows 8.1 and higher or Windows Server 2012 and higher. Interested users running on prior OS versions should get version 6 of the Terminal Services Client.

LEAVE A REPLY

Please enter your comment!
Please enter your name here