Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Security update fixes serious vulnerability in Windows Remote Desktop


  • Please log in to reply
2 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:22 AM

Posted 13 March 2012 - 04:38 PM

Microsoft released Security Update MS12-020 today that closes serious vulnerabilities in the Windows Remote Desktop service. This vulnerability affects all versions of Windows starting with Windows XP Service Pack 3. This vulnerability is classified as critical and allows remote code execution on affected computers. Remote code execution means that a hacker could create a program that would remotely exploit this vulnerability and would allow them to execute programs on your computer without your permission or knowledge. In this age of identity theft, this is really scare stuff as the remote hacker would then be able to gain full access to your computer, the data that resides on it, and the traffic that flows through it. This vulnerability was disclosed privately to Microsoft by Luigi Auriemma through TippingPoint's Zero Day Initiative program. Though there are no known exploits available for this vulnerability, according to a Microsoft TechNet blog post due to it's attractiveness they expect an exploit to be developed within the next 30 days. As this is patch tuesday and this is a big vulnerability, everyone should immediately install all available Windows Updates now!


BC AdBot (Login to Remove)

 


#2 snemelk

snemelk

    inżynier


  • Malware Response Team
  • 1,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:22 AM

Posted 16 March 2012 - 02:07 PM

Proof-of-concept RDP vulnerability code discovered. Patch Windows now

SophosLabs has seen proof-of-concept code on Chinese websites which tries to exploit the recently announced Microsoft RDP vulnerability, causing computers to crash.

(...)

The code we've seen - in the form of Python scripts - attempts to exploit the MS12-020 RDP vulnerability and causes Windows computers to blue screen. It wouldn't be a surprise if whoever is writing this code to further develop the attacks to produce a fast-spreading internet worm.


c18903e63196580f.gif
snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver


#3 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:02:22 AM

Posted 17 March 2012 - 12:34 AM

Well that sure didn't take long.

Microsoft says hacking code could have leaked

Microsoft's process for sharing information about security vulnerabilities in its products came under fire Friday after a roadmap for exploiting a severe, recently discovered flaw appeared on a hacking website in China.

The guideline, known as "proof-of-concept" code, most likely leaked from one of the more than 70 security companies that get advance warnings from the company about major new holes, according to the researcher who found the flaw.

snip

The researcher who discovered the flaw in May last year, Italian Luigi Auriemma, first submitted his findings and the proof-of-concept to a security group led by Hewlett-Packard's TippingPoint. That group tested and vetted the research and passed it on to Microsoft in August so that the company could develop a patch.

Auriemma had been checking to see who would reverse-engineer the patch first, and was startled to find that the first code to circulate was his own.
Posted Image:blink:



Why would one have RDP enabled with no network authentication required in the first place? :whistle:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users