Microsoft Security Bulletin – Remote Desktop Vulnerabilities Could Allow Remote Code Execution By Giorgio Bonuccelli on | 0
Microsoft have released a Security Bulletin (MS12-020) outlining some vulnerabilities in Microsoft’s RDP protocol implementation.
These vulnerabilities are important to take into consideration when using 2X Remote Application Server since connectivity can be established using the Microsoft RDP Protocol.
The security bulletin encourages Network Administrators to apply the update, as well as reconsidering and hardening the environment to avoid any vulnerability until the update is implemented.
The security update addresses two issues identified by Microsoft; the worst case scenario being the ability to execute remote code if an attacker sends a sequence of specially crafted RDP packets to an affected system.
Microsoft posted a closer look at this update available here which covers how to harden your environment by enabling Network Level Authentication. There is also a Fixit Utility which can be deployed so that NLA is enabled on client machines.
Useful links:1. Security Bulletin: http://technet.microsoft.com/en-us/security/bulletin/ms12-020 2. Closer look: http://blogs.technet.com/b/srd/archive/2012/03/13/cve-2012-0002-a-closer-look-at-ms12-020-s-critical-issue.aspx 3. How to configure NLA: http://technet.microsoft.com/en-us/library/cc732713.aspx