Home > Windows Server > Security Flaw in Remote Desktop

Security Flaw in Remote Desktop

3/16/2012 UPDATE:

Exploit code published for RDP worm hole

————————————-

I don’t always post on Windows security updates, but when I do, it’s a Dos Equis near to my heart!  Do you use Remote Desktop?  Of course you do.  That’s why you need to install this update immediately:

MS12-020: Vulnerabilities in Remote Desktop could allow remote code execution

This is important for anyone running just about any version of Windows, but especially if you’ve got any machine exposing Remote Desktop directly to the internet (such as a Terminal Server).  Fortunately there is a mitigation for those who just cannot patch tonight: enable NLA for your Remote Desktop connections.RDP - Network Level Authentication

Read more here.

Hop to it!  Microsoft says not to wait for a normal patch-cycle on this one…

  1. March 14, 2012 at 4:16 am

    Was reading up on this last night, a nasty vulnerability. I’d imagine people are working on a real-world exploit as we speak.

    This could lead to a nasty RDP worm too, so definitely worth patching internally.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 59 other followers

%d bloggers like this: