On Wednesday 2022-11-23 13:46, Greg Kroah-Hartman wrote: > >The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on >any system that uses it with untrusted hosts or devices. Because the >protocol is impossible to make secure, just disable all rndis drivers to >prevent anyone from using them again. > >Windows only needed this for XP and newer systems, Windows systems older >than that can use the normal USB class protocols instead, which do not >have these problems. In other news, someone just proposed adding "RNDIS" things to UEFI, so now the security problem is added right back into machines but at another layer?! https://edk2.groups.io/g/devel/topic/patch_1_3/95531719
