Microsoft has disclosed an extremely critical security vulnerability in the Remote Desktop Protocol, RDP (MS12-020, CVE-2012-0002). The vulnerability allows attackers to execute code over the network without authentication.
Severity of the Vulnerability
The security vulnerability is rated as extremely critical:
- Remotely exploitable without authentication
- Affects all Windows versions with RDP enabled
- Wormable — can spread automatically
Affected Systems
All Windows versions with Remote Desktop enabled are affected:
- Windows Server 2003, 2008, 2008 R2
- Windows XP, Vista, 7
Immediate Actions
- Install the Patch: Microsoft has released security patch KB2621440. Install it immediately.
- Restrict RDP: Limit RDP access via firewall to trusted IP addresses.
- Enable Network Level Authentication (NLA): NLA requires the client to authenticate before a full RDP session is set up, which adds a layer of protection against unauthenticated attacks on the service.
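As an added example (not part of the original advisory), the following PowerShell audit checks one Windows host for the three actions above: patch state, NLA, and the firewall scope of inbound rules for TCP 3389. The function name, its -EnableNla switch and the output object are assumptions of this example; it assumes an elevated PowerShell 2.0 or later on a Vista/2008-or-later host where netsh advfirewall exists.

```powershell
# Added example, not from the original advisory. Run in an elevated PowerShell.
# Assumes the standard Terminal Server registry layout and 'netsh advfirewall'
# (Vista/Server 2008 or later). Function name and switch are hypothetical.
function Test-Ms12020Mitigations {
    param([switch]$EnableNla)   # also turn NLA on, not only report it

    $result = New-Object PSObject -Property @{
        PatchInstalled = $false; RdpEnabled = $false
        NlaRequired    = $false; RdpFirewallRules = @()
    }

    # 1. Patch: Get-HotFix returns nothing when KB2621440 is absent.
    $patch = Get-HotFix -Id KB2621440 -ErrorAction SilentlyContinue
    $result.PatchInstalled = [bool]$patch

    # 2. Is Remote Desktop enabled at all? fDenyTSConnections = 1 means it is off.
    $ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $result.RdpEnabled = ($ts.fDenyTSConnections -ne 1)

    # 3. NLA: UserAuthentication = 1 on the RDP-Tcp listener means NLA is required.
    if ($EnableNla) {
        # Same setting through WMI; applies to new connections, no reboot needed.
        $tsg = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
                   -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
        [void]$tsg.SetUserAuthenticationRequired(1)
    }
    $listener = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $result.NlaRequired = ((Get-ItemProperty $listener).UserAuthentication -eq 1)

    # 4. Firewall: list inbound TCP 3389 rules with their RemoteIP scope, so a rule
    #    still scoped to 'Any' instead of trusted addresses is easy to spot.
    $text = netsh advfirewall firewall show rule name=all dir=in | Out-String
    foreach ($block in ($text -split "`r?`n`r?`n")) {
        if ($block -match 'LocalPort:\s+3389' -and $block -match 'Protocol:\s+TCP') {
            $name  = [regex]::Match($block, 'Rule Name:\s+(.+)').Groups[1].Value.Trim()
            $scope = [regex]::Match($block, 'RemoteIP:\s+(.+)').Groups[1].Value.Trim()
            $result.RdpFirewallRules += "$name -> RemoteIP $scope"
        }
    }
    return $result
}

$r = Test-Ms12020Mitigations
if (-not $r.PatchInstalled) { Write-Warning 'KB2621440 is NOT installed: patch now.' }
if ($r.RdpEnabled -and -not $r.NlaRequired) { Write-Warning 'RDP is on but NLA is not required.' }
$r | Format-List
```

Run with `Test-Ms12020Mitigations -EnableNla` to switch NLA on as part of the check; the firewall rules are only listed, since which addresses count as trusted is site-specific.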
Managed Server Customers
For Windows managed server customers, we have already applied the patch and adjusted the firewall rules accordingly.
For questions, please contact info@ingate.de.