Microsoft: RDP flaw should be patched immediately

Posted on Wednesday, Mar 14 2012 @ 11:19 CET by Thomas De Maesschalck
Microsoft is urging users and businesses that run Remote Desktop Protocol applications to apply the newly released critical security update for Windows as soon as possible, as the vulnerability enables attackers to execute code on affected systems by sending a sequence of specially crafted RDP packets.
The critical bulletin – one of six security bulletins issued as part of today’s release – addresses two vulnerabilities in the Remote Desktop Protocol (RDP).

Microsoft Patch Tuesday March 2012“A little about MS12-020…this bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP),” Angela Gunn, security response communications manager for Microsoft’s Trustworthy Computing Group, explained in a blog post. “Both issues were cooperatively disclosed to Microsoft and we know of no active exploitation in the wild. The Critical-class issue applies to a fairly specific subset of systems – those running RDP – and is less problematic for those systems with Network Level Authentication (NLA) enabled.”

“That said, we strongly recommend that customers examine and prepare to apply this bulletin as soon as possible,” she added. “The Critical-class issue could allow a would-be attacker to achieve remote code execution on a machine running RDP (a non-default configuration); if the machine does not have NLA enabled, the attacker would not require authentication for RCE access.”
Source: Security Week


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments