Anand Yadav

MS12-020 Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

March 16, 2012

The vulnerability lies in a part of Windows called the Remote Desktop Protocol (RDP) and could allow malicious hackers to run code without the users’ permission. The security hole affects Windows XP and all subsequent versions of Windows, including the developer preview of Windows 8.

This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

In a blog post, Microsoft predicted that an exploit would be created for the vulnerability within 30 days:
“Due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.”

Affected software and version:

Windows XP Service Pack 3 (KB2621440)
Windows XP Professional x64 Edition Service Pack 2 (KB2621440)
Windows Server 2003 Service Pack 2 (KB2621440)
Windows Server 2003 x64 Edition Service Pack 2 (KB2621440)
Windows Server 2003 with SP2 for Itanium-based Systems (KB2621440)
Windows Vista Service Pack 2 (KB2621440)
Windows Vista x64 Edition Service Pack 2 (KB2621440)
Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2621440)
Windows Server 2008 for x64-based Systems Service Pack 2 (KB2621440)
Windows Server 2008 for Itanium-based Systems Service Pack 2 (KB2621440)
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 (KB2621440)
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 (KB2667402)
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1 (KB2621440)
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1 (KB2667402)
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2621440)
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2667402)
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (KB2621440)
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (KB2667402)

For detailed information on all the bulletins and the corresponding vulnerabilities addressed, please visit:
http://technet.microsoft.com/en-us/security/bulletin/ms12-020

We recommend that users set their ‘Windows Update’ mode to ‘Install updates automatically’ so that the important patches get applied automatically.
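
To confirm where a given machine stands, the script below (an added example, not part of the original post or of Microsoft's bulletin) checks whether RDP is enabled and whether the KB updates listed above are installed. The function name is hypothetical, and the registry paths are the standard Windows locations for the RDP setting, which the post itself does not mention.

```powershell
# Added example: audit the local host against the MS12-020 facts on this page.
# Test-MS12020Exposure is a hypothetical name; KB numbers come from the list above.
function Test-MS12020Exposure {
    # fDenyTSConnections: 0 = RDP connections allowed, 1 = denied.
    # A Group Policy value, when present, overrides the local setting.
    # Assumption: a missing value is treated as "RDP not enabled".
    $paths = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services',
             'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $deny = $null
    foreach ($p in $paths) {
        $item = Get-ItemProperty -Path $p -Name fDenyTSConnections -ErrorAction SilentlyContinue
        if ($item) { $deny = $item.fDenyTSConnections; break }
    }
    $rdpEnabled = ($deny -eq 0)

    # The list above covers Windows XP (5.1) through Windows 7 / Server 2008 R2 (6.1).
    $ver = [Environment]::OSVersion.Version
    $inScope = (($ver.Major -eq 5 -and $ver.Minor -ge 1) -or
                ($ver.Major -eq 6 -and $ver.Minor -le 1))

    # Every listed OS needs KB2621440; Windows 7 / Server 2008 R2 also need KB2667402.
    $required = @()
    if ($inScope) {
        $required += 'KB2621440'
        if ($ver.Major -eq 6 -and $ver.Minor -eq 1) { $required += 'KB2667402' }
    }

    # Caveat: a later update that supersedes these KBs would not be detected here.
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue | ForEach-Object { $_.HotFixID })
    $missing   = @($required | Where-Object { $installed -notcontains $_ })

    New-Object PSObject -Property @{
        OSVersion     = $ver.ToString()
        InListedScope = $inScope
        RdpEnabled    = $rdpEnabled
        RequiredKBs   = ($required -join ', ')
        MissingKBs    = ($missing -join ', ')
        # Exposed per this page's criteria: RDP on and a listed update absent.
        Exposed       = ($rdpEnabled -and $missing.Count -gt 0)
    }
}

Test-MS12020Exposure | Format-List
```

A host that reports `RdpEnabled : False` matches the post's "not at risk" case, but the updates should still be installed in case RDP is turned on later.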


1 Comment

  1. I appreciate, cause I found just what I was looking for. You have ended my four day long hunt! God Bless you man. Have a great day. Bye