The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again.
Windows only needed this for XP and newer systems, Windows systems older than that can use the normal USB class protocols instead, which do not have these problems.
This is such a weird statement. Who cares about the ancient Windows systems before XP? In this context, who cares about any of them besides Windows 10 and Windows 11 which haven't hit EOL? That's like writing "Windows only needs this for currently supported Windows systems".
Android has had this disabled for many years so there should not be any real systems that still need this.
Leave a comment: