ExpressVPN patches Windows bug that exposed remote desktop traffic

ExpressVPN has released a new patch for its Windows app to close a vulnerability that can leave remote desktop traffic unprotected. If you use ExpressVPN on Windows, download version 12.101.0.45 as soon as possible, especially if you use Remote Desktop Protocol (RDP) or send any other traffic over TCP port 3389.

ExpressVPN announced both the vulnerability and the fix in a blog post earlier this week. According to that post, an independent researcher going by Adam-X sent in a tip on April 25 to claim a reward from ExpressVPN's bug bounty program. Adam-X noticed that some internal debug code which left traffic on TCP port 3389 unprotected had mistakenly shipped to customers. ExpressVPN released the patch about five days later in version 12.101.0.45 for Windows.

As ExpressVPN points out in its announcement of the patch, it's unlikely that the vulnerability was actually exploited. Any hypothetical hacker would not only have to be aware of the flaw, but would then have to trick their target into sending a web request over RDP or other traffic that uses port 3389. Even if all the dominos fell, the hacker could only see their target's real IP address, not any of the actual data they transmitted.

Even if the danger was small, it's nice to see ExpressVPN responding proactively to flaws in its product — bug bounties are great, but a security product should protect its users with as many safeguards as possible. In addition to closing this vulnerability, they're also adding automated tests that check for debug code accidentally left in production builds. This, plus a successful independent privacy audit earlier in 2025, gives the strong impression of a provider that's on top of things.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-patches-windows-bug-that-exposed-remote-desktop-traffic-171507501.html?src=rss
Created 20d | 23.07.2025, 17:20:22

