Last friday i got to read a news article about realVNC to have a serious security leak, now i did have this tool running somewhere and was surprised there was no patch available yet at the moment i did go to the homepage of www.realvnc.com. My surprise got even bigger to find that some company did publish even a proof of concept to show it was working, and that these people only notified realVNC on the day they did offer the proof of concept to the public. Unbelievable that they where doing this !! trying to showoff their smart ass brains, but not realising they might bring other people in danger, and needless to say plain rude to the author of the software, atleast give them a chance to fix the issue before you press the alarm button and provide the POC.

Because i really do not like the way this company did handle their findings, i will not link to them in this post. But if you are running realVNC, you can download a patched version at www.realvnc.com.

Leave a Reply