Dell Wyse 5060 Wyse ThinLinux Version 1.0.x Operating System and Add-ons Relea - Page 30

6 WYSE_RDP Client add-on to resolve CredSSP Remote Code Execution security vulnerability issue Release type and definition The scope of this add-on release is to update the WYSE_RDP Client to address the CredSSP Remote Code Execution vulnerability issue. This add-on is intended for the following platforms running ThinLinux 1.0.7.x: • Wyse 3040 thin client with ThinLinux • Wyse 3030 LT thin client with ThinLinux • Wyse 5060 thin client with ThinLinux • Wyse 5020 thin client with ThinLinux-D50Q • Wyse 7020 thin client with ThinLinux-Z50Q For more information about the CredSSP Remote Code Execution vulnerability issue, see the article CVE-2018-0886 at Support.microsoft.com. Priority and recommendations Urgent: Dell highly recommends applying this update as soon as possible. The update contains changes to improve the reliability and availability of your Dell system. What is new The WYSE_RDP Client add-on addresses the CredSSP Remote Code Execution vulnerability issue. A remote code execution vulnerability issue is observed in the Credential Security Support Provider (CredSSP) protocol. A user can use the login credentials to execute code on the target system. This vulnerability issue can be observed on any application that uses the CredSSP authentication. Installing this security update resolves the validation issue with CredSSP protocol during authentication. Add-on package information Table 28. RPM add-on details RPM add-on details Build file name Size wyse_rdpclient-8.01.04-04.002.x86_64.rpm 2,002,932 bytes 30 WYSE_RDP Client add-on to resolve CredSSP Remote Code Execution security vulnerability issue