Security Market Segment LS
Monday, 19 March 2012 10:59

Windows RDP exploit made public

By

A proof of concept exploit of Windows' Remote Desktop Protocol is circulating. If you can't patch your systems immediately, other protections may be called for.

Among the security bulletins released last week (March 13, US time) by Microsoft was one concerning a vulnerability in Remote Desktop Protocol (RDP). The company allocated the highest deployment priority to this patch, warning that a successful exploit was likely within 30 days.

Microsoft also provided a 'Fit It' to mitigate the risk for those who considered it necessary to conduct their own testing before deploying the update.

On Friday March 17 (US time), Microsoft revealed that it had been aware of a publicly available proof of concept exploit of the vulnerability. Although the vulnerability could allow remote code execution, Microsoft officials say the proof of concept only results in a denial of service.

"We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution," said Yunsun Wee, director, trustworthy computing at Microsoft.

The company made information about the issue available to its security partners, allowing them to build protection into their products.

CONTINUED

 


Trend Micro CTO Raimund Genes said "As a remote desktop protocol that is widely used within enterprises this is really severe as attackers will be able to remotely control an affected system."

Symantec officials said "We have not yet seen any PoC that provides remote code execution." Sophos senior technology consultant Graham Cluley observed "Windows users should consider themselves on high alert and harden their defences."


Subscribe to Newsletter here

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

BACK TO HOME PAGE

ZOOM WEBINARS & ONLINE EVENTS

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Research & Case Studies

Channel News

Comments