Vulnerability in Remote Desktop Protocol (RDP)
Microsoft has recently announced a vulnerability in Remote Desktop Protocol (RDP) that affects all versions of Windows from XP through the latest pre-release of Windows 8, including all Windows Server products. This bug allows a remote hacker to execute code on a system, essentially running any software they wish, without any intervention on the part of the user.
Obviously, this is a critical vulnerability and should be addressed as soon as possible by all customers who are affected. Anyone who uses RDP to connect to their Windows machines is vulnerable to this attack unless they take steps to ensure they apply the update. Microsoft has released Security Update MS12-020 which will patch this vulnerability. You can find more information at Microsoft’s TechNet blog post on the issue.
If you can’t patch
If you can’t patch your system at present for whatever reason, the blog post linked above offers several ways to mitigate the risk. If you fall into this category, you can also disable RDP entirely and install some other remote desktop application in place of RDP.
Microsoft states, at time of writing, that this hasn’t been seen used as an exploit in the real world yet, but expect it to only be a matter of time. They have stated that they expect to see this vulnerability exploited within a matter of days. We advise all customers to treat this as a matter of urgency.