MS12-036 – Critical : Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (June 13, 2012): Added a workaround in the Vulnerability Information section that explains how to enable Network Level Authentication on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

5,151 Spam Comments Blocked so far by Spam Free Wordpress