Microsoft Security Bulletin (March 2012) Closed Critical RDP Security Hole

Microsoft Security Bulletin (March 2012) Closed Critical RDP Security Hole 

Microsoft released March 2012 Security bulletins to close a total of seven security holes in its products. Among them one Critical-class, four Important and one Moderate – addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. According to Microsoft (MS12-020) remote code execution vulnerability has been found in RDP (Remote Desktop Protocol).
The first of these is a "critical-class" issue in RDP that could be exploited by an attacker to remotely execute arbitrary code on a victim's system. Although RDP is disabled by default, many users enable it so they can administer their systems remotely within their organizations or over the Internet. All supported versions of Windows from Windows XP Service Pack 3 to Windows 7 Service Pack 1 and Windows Server 2008 R2 are affected. As the issue was reported to company by the Zero Day Initiative (ZDI), Microsoft says that it has yet to see any active attacks exploiting these in the wild, but warns that, "due to the attractiveness of this vulnerability to attackers", it anticipates "that an exploit for code execution will be developed in the next 30 days". Because of this it recommends that installing the updates should be made a priority. 
Microsoft has also provided a workaround and a no-reboot "Fix it" tool that enables Network-Level Authentication (NLA) to mitigate the problem. A second "moderate-class" denial-of-service (DoS) which can cripple an RDP server was also fixed.
A brief overview of all of these updates, including descriptions about each of the vulnerabilities, can be found in Microsoft's Security Bulletin Summary for March 2012.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...