ExpressVPN patches Windows bug that exposed remote desktop traffic

ExpressVPN has released a new patch for its Windows app to close a vulnerability that can leave remote desktop traffic unprotected. If you use ExpressVPN on Windows, download version 12.101.0.45 as soon as possible, especially if you use Remote Desktop Protocol (RDP) or send any other traffic over TCP port 3389.

ExpressVPN announced both the vulnerability and the fix in a blog post earlier this week. According to that post, an independent researcher going by Adam-X sent in a tip on April 25 to claim a reward from ExpressVPN's bug bounty program. Adam-X noticed that some internal debug code which left traffic on TCP port 3389 unprotected had mistakenly shipped to customers. ExpressVPN released the patch about five days later in version 12.101.0.45 for Windows.

As ExpressVPN points out in its announcement of the patch, it's unlikely that the vulnerability was actually exploited. Any hypothetical hacker would not only have to be aware of the flaw, but would then have to trick their target into sending a web request over RDP or other traffic that uses port 3389. Even if all the dominos fell, the hacker could only see their target's real IP address, not any of the actual data they transmitted.

Even if the danger was small, it's nice to see ExpressVPN responding proactively to flaws in its product — bug bounties are great, but a security product should protect its users with as many safeguards as possible. In addition to closing this vulnerability, they're also adding automated tests that check for debug code accidentally left in production builds. This, plus a successful independent privacy audit earlier in 2025, gives the strong impression of a provider that's on top of things.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-patches-windows-bug-that-exposed-remote-desktop-traffic-171507501.html?src=rss
Created: 23 Jul 2025, 17:20:22

