The scramble is on again to patch Microsoft’s Remote Desktop Protocol; there are no known attacks via RDP yet, but they’re expected soon.
Other Microsoft products fixed this week are the usual players: Internet Explorer, .NET, and the Windows kernel.
Critical flaw in Remote Desktop Protocol
If that headline sounds a bit familiar, it’s because it wasn’t so long ago we were offered patches in MS12-20 for another critical RDP vulnerability. As before, this new flaw leaves users vulnerable if their RDP process is listening on a network-connection port.
KB 2685939 fixes a critical remote code–execution vulnerability in all versions of Windows Server and desktop Windows from Win7 SP1 onward. For earlier versions of Windows, the flaw is described as a denial-of-service issue and rated only moderate.
Interestingly, if you’re using Remote Desktop on an iPad to connect back to your desktop, you’re vulnerable. An attacker can gain complete control of your system by sending specially crafted packets to an open RDP port.
Windows 7 users will see two RDP patches this week. As discussed in the next item, KB 2667402 will show up again. It doesn’t matter which of the two patches you install first.
What to do: Install KB 2685939 (MS12-036) as soon as possible.
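One way to check a machine against the advice above, as an added PowerShell example (not part of the original article): it reads the standard Terminal Server registry values to see whether Remote Desktop is enabled, looks for a listener on the configured RDP port, and asks Get-HotFix for KB 2685939. Variable and property names are illustrative.

```powershell
# Added example: report local RDP exposure and KB 2685939 (MS12-036) status.
# Uses only cmdlets and .NET calls available in PowerShell 2.0 (Windows 7 era).
$kb = 'KB2685939'   # patch named in the article

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'

# fDenyTSConnections = 0 means Remote Desktop connections are allowed.
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
# Port the RDP listener is configured to use (3389 unless changed).
$port = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber

# Enumerate active TCP listeners and look for one on the RDP port.
$ipProps   = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
$listening = @($ipProps.GetActiveTcpListeners() |
               Where-Object { $_.Port -eq $port }).Count -gt 0

# Get-HotFix writes an error when the KB is absent, so silence it and test for null.
$hotfix  = Get-HotFix -Id $kb -ErrorAction SilentlyContinue
$patched = $null -ne $hotfix

if ($patched) {
    $verdict = "$kb is installed."
} elseif ($listening) {
    $verdict = "RDP is listening on port $port and $kb was not found: install it now."
} else {
    $verdict = "$kb was not found; no RDP listener on port $port right now. Install it anyway."
}

# Emit one object per host so the result can be exported or compared.
New-Object PSObject -Property @{
    Computer     = $env:COMPUTERNAME
    RdpEnabled   = ($deny -eq 0)
    RdpPort      = $port
    RdpListening = $listening
    KbInstalled  = $patched
    Verdict      = $verdict
}
```

Get-HotFix reports only the updates recorded on the machine, so a system that received a later update superseding KB 2685939 may show the KB as not found.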