Security experts are urging people to deploy MS12-020, a security hotfix that was released this week.
This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.
This is the sort of vulnerability that will be seized upon very quickly by hackers because RDP is typically enabled on high value assets – servers. Deploy or be shamed like those who are still being hammered by Conficker. In my opinion, it is professional negligence not to get patched for something like this. BTW, I’ve read that people expect scripted attacks for this vulnerability within 30 days. You have been warned!
This blog post is the property of Aidan Finn (@joe_elway / http://www.aidanfinn.com) and may not be reused in any manner without prior consent of Aidan Finn. You may quote one paragraph from this blog post if you link to the original blog post.