Remote Desktop Protocol vulnerabilities could allow remote code execution
Report ID: MS201203004
Date Published: 14 March 2012
Criticality: Critical
Compromise Type: remote-code-execution denial-of-service
Compromise From: remote
Affected Product/Component:
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Summary
Two vulnerabilities in Remote Desktop Protocol (RDP) could lead to remote code execution and denial of service.
Detailed Description
Microsoft has released a security update to resolve two vulnerabilities in the Remote Desktop Protocol (RDP). Both vulnerabilities exist during the processing of a sequence of specially crafted packets. The first vulnerability would lead to the access of a deleted or improperly initialized object in memory. An attacker could exploit this condition to execute arbitrary code and take control of an affected system. The second one is a denial of service vulnerability, which an attacker could use to cause the RDP service to stop responding.
These two vulnerabilities have been resolved in the update by modifying the way RPD service processes packets. Users are recommended to install this latest update to protect their system.
CVE Reference
CVE-2012-0002
CVE-2012-0152
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-020)
