Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Remote Desktop Protocol vulnerabilities could allow remote code execution


Report ID: MS201203004
Date Published: 14 March 2012

Criticality: Critical
Compromise Type: remote-code-execution denial-of-service
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

Two vulnerabilities in Remote Desktop Protocol (RDP) could lead to remote code execution and denial of service.



Detailed Description

Microsoft has released a security update to resolve two vulnerabilities in the Remote Desktop Protocol (RDP). Both vulnerabilities exist during the processing of a sequence of specially crafted packets. The first vulnerability would lead to the access of a deleted or improperly initialized object in memory. An attacker could exploit this condition to execute arbitrary code and take control of an affected system. The second one is a denial of service vulnerability, which an attacker could use to cause the RDP service to stop responding.

These two vulnerabilities have been resolved in the update by modifying the way RPD service processes packets. Users are recommended to install this latest update to protect their system.



CVE Reference

CVE-2012-0002
CVE-2012-0152



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-020)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.