Security experts are urging people to deploy MS12-020, a security hotfix that was released this week.
This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.
This is the sort of vulnerability that will be seized upon very quickly by hackers because RDP is typically enabled on high value assets – servers. Deploy or be shamed like those who are still being hammered by Conficker. In my opinion, it is professional negligence not to get patched for something like this. BTW, I’ve read that people expect scripted attacks for this vulnerability within 30 days. You have been warned!