Microsoft released six patches for its Windows platform this week, including one that patches a "critical" hole in the RDP protocol. Microsoft has issued a warning that this hole needs to be patched NOW, as they are expecting attacks on this vulnerability sometime in the next 30 days.
The security bulletin, which you can read at http://blogs.technet.com/b/srd/archi...cal-issue.aspx says:
So make sure you have your auto-updates on, or force an update now so that you can avoid any issues down the road!Note that CVE-2012-0002 was privately reported and we are not aware of any attacks in the wild. Additionally, the remote desktop protocol is disabled by default. However, due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.
Bookmarks