Critical Update: ExpressVPN Fixes Major Windows Security Flaw Exposing Remote Desktop Traffic!

2025-07-23

Author: Nur

ExpressVPN Issues Urgent Patch for Windows Users!

In a significant move to safeguard user security, ExpressVPN has rolled out a crucial patch for its Windows application designed to address a serious vulnerability that could put remote desktop traffic at risk. Users are urged to update to version 12.101.0.45 immediately, especially those utilizing Remote Desktop Protocol (RDP) or other services operating through TCP port 3389.

Discovery of the Vulnerability

The vulnerability was uncovered by a vigilant security researcher known as Adam-X, who alerted ExpressVPN on April 25 as part of their bug bounty program. Adam-X discovered that some internal debug code, inadvertently made available to customers, compromised security by leaving traffic on TCP port 3389 unprotected.

Swift Action Taken by ExpressVPN

Only five days after the vulnerability was reported, ExpressVPN responded promptly with the patch, reinforcing its commitment to user security. In their blog post announcing the update, ExpressVPN emphasized that while the vulnerability existed, it is unlikely that it was exploited in the wild.

Understanding the Risk

ExpressVPN explained that to take advantage of this vulnerability, an attacker would need not only prior knowledge of the flaw but also the ability to trick their target into sending a web request, RDP, or similar traffic over port 3389. Even in a worst-case scenario, the attacker would only gain access to the user’s real IP address, leaving the actual data being transmitted secure.

Immediate Update Recommended!

For those using ExpressVPN on Windows, this patch is not just a recommendation—it’s a necessity! Ensure you're running the latest version to protect your sensitive remote desktop sessions and enhance your overall online safety.
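A defender-side check for the two conditions described above, added here as an example and not taken from ExpressVPN: whether the installed client is at least the fixed version, and whether any connection to remote TCP port 3389 uses a local address that does not belong to the VPN adapter. The function names, the `ExpressVPN*` adapter alias pattern and the sample rows are assumptions made for illustration.

```powershell
# Added example. Sample rows are constructed; the adapter alias pattern is an assumption.
$FixedVersion = [version]'12.101.0.45'   # patched Windows release named in the article

function Test-ClientPatched {
    param([Parameter(Mandatory)][version]$Installed)
    # [version] compares numerically per component, so 12.99.x sorts below 12.101.x
    return $Installed -ge $FixedVersion
}

function Find-UntunneledPort3389 {
    param(
        [object[]]$Connections = @(),                      # rows with LocalAddress/RemoteAddress/RemotePort
        [Parameter(Mandatory)][string[]]$TunnelAddresses   # local IPs assigned to the VPN adapter
    )
    # Flag flows to port 3389 whose source address is not a tunnel address.
    # Loopback is ignored. RDP to hosts on the local LAN will also appear here
    # and has to be judged against the client's split-tunnel settings.
    $Connections | Where-Object {
        $_.RemotePort -eq 3389 -and
        $_.RemoteAddress -notin '127.0.0.1', '::1' -and
        $_.LocalAddress -notin $TunnelAddresses
    }
}

# Constructed sample: one tunneled RDP flow, one RDP flow leaving via the physical NIC,
# and one unrelated HTTPS flow that the check does not look at.
$sample = @(
    [pscustomobject]@{ LocalAddress = '10.24.0.6';    RemoteAddress = '203.0.113.20'; RemotePort = 3389 }
    [pscustomobject]@{ LocalAddress = '192.168.1.50'; RemoteAddress = '203.0.113.20'; RemotePort = 3389 }
    [pscustomobject]@{ LocalAddress = '192.168.1.50'; RemoteAddress = '198.51.100.7'; RemotePort = 443 }
)

Find-UntunneledPort3389 -Connections $sample -TunnelAddresses '10.24.0.6' | Format-Table
Test-ClientPatched -Installed '12.100.0.2'

# Live use on a Windows host with the VPN connected (replace the alias pattern
# with the adapter name that Get-NetAdapter shows on your machine):
# $tunnel = (Get-NetIPAddress | Where-Object InterfaceAlias -like 'ExpressVPN*').IPAddress
# $live   = Get-NetTCPConnection -State Established -RemotePort 3389 -ErrorAction SilentlyContinue
# Find-UntunneledPort3389 -Connections $live -TunnelAddresses $tunnel
```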