October 16, 2021

Telnet Vulnerability

Earlier this month I saw a lot of attacks targeting Telnet, which I thought was odd.  Now because of Microsoft’s Patch Tuesday, I know why that was…

This vulnerability (MS15-002) marked as having a critical severity rating is in the Telnet protocol, used to provide terminal connections to remote computers over TCP23. Microsoft marks vulnerabilities as critical when they are already being used in the wild by attackers to break into systems.

Telnet can be installed on all Windows systems, and is frequently used on the server editions by people that are too ignorant to move to SSH.  Microsoft did disable it by default for the desktop since Windows Vista came out.