By Susan Bradley
KB 2621440 is the one patch released this Patch Tuesday that needs to be installed immediately on all computers and servers that use Microsoft’s Remote Desktop app.
Remote Desktop is used on many computers and servers for remote access. If you use it, patch it now!
MS12-020 (2621440, 2667402)
PCs with Remote Desktop enabled threatened
Remote Desktop Protocol (RDP) is a Microsoft technology used by many users and server administrators to access PCs between offices and from home offices. If you use RDP over the Internet and do not have some additional protective device (such as a Virtual Private Network connection) to authenticate the remote network, you’re at risk of attack.
In fact, if you’re currently using Remote Desktop to access another computer over the Internet, I suggest you read to the end of this item and then immediately patch your system. This update is rated critical and applies to all supported versions of Windows (including Windows 8 Developer Preview).
If you’re running some version of remote desktop software on Android or iOS devices to access a workstation, and you’re using an RDP port other than the default 3389, you already have some protection. Using an alternate port will slow down hackers looking for port 3389, but it will not fool a smart hacker using an Internet-connection sniffing tool to discover other open ports. (For more on changing ports, see the MS Support article, “How to change the listening port for Remote Desktop.”)
What if your company supports Androids and iPads over port 443 via RD Gateway? Good news! This configuration is not vulnerable because the connection is authenticated first over the SSL port before hitting the server. In addition, if you adjust your RDP connectivity to use Network Level Authentication (NLA), you’re protected. (You’ll still want to add the patch.)
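To see where a given machine stands on the points above (Remote Desktop on or off, listening port, NLA, and the two MS12-020 updates), the following read-only PowerShell check can be run locally. It is an added example, not part of the original article; the function name `Get-RdpPatchStatus` is hypothetical, and the registry paths are the standard Terminal Server locations.

```powershell
# Added example, not from the original article: read-only audit of the local machine.
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = "$tsKey\WinStations\RDP-Tcp"

function Get-RdpPatchStatus {
    param(
        # KB numbers taken from the bulletin heading above
        [string[]]$KbIds = @('KB2621440', 'KB2667402')
    )

    # fDenyTSConnections = 0 means Remote Desktop accepts connections
    $deny       = (Get-ItemProperty -Path $tsKey).fDenyTSConnections
    $rdpEnabled = ($deny -eq 0)

    # PortNumber is the listening port; UserAuthentication = 1 means NLA is required.
    # The value is missing on Windows versions without NLA, which reads as "not required".
    $listener    = Get-ItemProperty -Path $rdpKey
    $port        = $listener.PortNumber
    $nlaRequired = ($listener.UserAuthentication -eq 1)

    # Get-HotFix lists only updates still registered on the system; a later
    # superseding update can carry the fix without these IDs appearing.
    $installed = @(Get-HotFix -Id $KbIds -ErrorAction SilentlyContinue |
                   ForEach-Object { $_.HotFixID })
    $missing   = @($KbIds | Where-Object { $installed -notcontains $_ })

    if (-not $rdpEnabled)           { $action = 'Remote Desktop is off on this machine' }
    elseif ($installed.Count -gt 0) { $action = 'MS12-020 update found; review the Missing list' }
    elseif ($nlaRequired)           { $action = 'NLA required, but still install the update' }
    else                            { $action = 'RDP on, no NLA, update not found: patch now' }

    New-Object PSObject -Property @{
        Computer    = $env:COMPUTERNAME
        RdpEnabled  = $rdpEnabled
        Port        = $port
        DefaultPort = ($port -eq 3389)
        NlaRequired = $nlaRequired
        Installed   = ($installed -join ', ')
        Missing     = ($missing -join ', ')
        Action      = $action
    }
}

Get-RdpPatchStatus | Format-List
```

The check reads local registry settings only; Group Policy can override them, so confirm the effective policy on domain-joined machines.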