Jump to content

* * * * * 1 votes

Critical Remote Desktop Hole Patched - Attack Expected Within 30 Days

  • Please log in to reply
3 replies to this topic

#1 Burned Phoenix

Burned Phoenix

    WinMatrix Addict

  • News Poster
  • 3,488 posts

Posted 14 March 2012 - 03:11 PM

Microsoft has released March 2012 Security Update for patching 7 vulnerabilities in Windows and other Microsoft products, out of which one is critical. It's a remote desktop flaw that Microsoft promised would result in attacks within the month.

"Note that CVE-2012-0002 was privately reported and we are not aware of any attacks in the wild. Additionally, the remote desktop protocol is disabled by default. However, due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days."

According to Microsoft, the remote desktop flaw could lead to remote code execution. And though this service, called Remote Desktop Protocol (RDP), is disabled by default in Windows, it's used by many businesses and thus is expected to be attacked quickly.

As a result, Microsoft has provided workarounds that will mitigate the issues ahead of patch deployment. The workarounds are available as Microsoft Fix It solutions, which essentially enable a feature called Network Level Authentication (NLA) for RDP.

Sources: Security Research & Defense, WinSupersite

#2 SurB86



  • Member
  • 1,437 posts

Posted 14 March 2012 - 05:47 PM

Here is the bulletin deployment priority chart for March 2012:

Posted Image

#3 USG Ishimura

USG Ishimura

    Super WinMatrixian

  • Member
  • 1,787 posts

Posted 15 March 2012 - 09:16 PM

sounds scary :lol:

#4 SurB86



  • Member
  • 1,437 posts

Posted 17 March 2012 - 08:54 AM

It's an exploit targets a vulnerability in Windows' remote desktop protocol, giving an attacker full control over a system and the ability to easily spread to other machines with remote desktop enabled.

This code was submitted to Microsoft last year to demonstrate a serious exploit in Windows has somehow made it into the wild, either through Microsoft itself or one of its security partners according to The Verge

Want to comment?

Register or Sign In to go completely ad-free!