[原文]pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop and clicking restart or shutdown.
Windows systems running Remote Desktop with the pGina replacement for msgina.dll contain a flaw that may allow a malicious user to shut down or reboot the system remotely. The issue due to the fact that the shutdown and restart options are available in the login screen unless explicitly disabled by the administrator. It is possible that the flaw may allow the vulnerable system to be shut down without authenticating, resulting in a loss of availability.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s):
Explicitly disable the shutdown and/or restart functionality in Remote Destkop.