Vulnerability protection

Remote Desktop Protocol vulnerability could allow remote code execution


Report ID: MS201206001
Date Published: 13 June 2012

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

A vulnerability in the Remote Desktop Protocol (RDP) could allow an attacker to execute arbitrary code on a targeted system.



Detailed Description

Microsoft has issued a security update to resolve a vulnerability reported in the Remote Desktop Protocol (RDP). By default, RDP is not enabled on any Windows operating system, so only systems with RDP enabled are at risk from this vulnerability.

The vulnerability is triggered when RDP accesses an object in memory that was improperly initialized or has been deleted, as a result of processing a sequence of malicious packets. An attacker could take advantage of this condition to execute arbitrary code and take control of an affected system.

The update fixes this issue by modifying the way RDP processes packets in memory. Users are advised to install the update to protect their systems from potential exploit attempts.



CVE Reference

CVE-2012-0173



Solution

Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms12-036



