Skip to main content

More Details About Windows MS12-020 RDP Flaw

Microsoft issued a security update which the company could allow an attacker to "send a sequence of specially crafted RDP packets to an affected system".

According to Microsoft, the vulnerability, which is classified as Critical, affects users of Windows XP, Vista and Windows 7 as well as Windows Server 2003 & 2008 and comes as an unpatched glitch in the Remote Desktop Protocol.

Windows Home Server 2011 and the various flavours of Windows 8 are apparently immune to the glitch. Microsoft confirmed that systems that do not have RDP enabled will not be at risk.

This vulnerability allows attackers to use the Remote Desktop service and install applications remotely, take over control on an infected computer or even create new user accounts with administrative rights.

Although no malware has not yet been detected in the wild that could take advantage of the vulnerability, Microsoft encourages users to apply the update immediately either manually or through the Microsoft Update service.