FNAL Critical Vulnerability - Vulnerability in RDP (MS12-020)

FNAL Critical Vulnerability
Patch By: March 20, 2012

Product: Microsoft Windows - Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (MS12-020)
Platform: Microsoft XP SP2 and SP3, Microsoft Vista SP2 (32 & 64 bit), Windows Server 2003 SP2 (32 & 64 bit, Itanium), Windows Server 2008 SP2 (32 & 64 bit, Itanium), Windows 7 SP1 (32 & 64 bit), Windows Server 2008 R2 (x64 and Itanium)
Host Remediation: Windows machines should apply Microsoft patch MS12-020 (part of the March 2012 patch bundle). Use a Desktop firewall (or IPSec filters) with a default deny policy, if possible.
FNAL Site Actions: Force deadline for patch MS12-020 to be early morning March 20th.

A vulnerability has been reported and patched by Microsoft affecting how Windows machines (see above for affected platforms) respond to specially crafted packets sent via the Remote Desktop Protocol (RDP). An attacker may send these crafted packets to a system running the Terminal Services service, which may result in remote code execution. Since an exploit is in the wild and is being actively used, all affected Windows systems (particularly servers) must be patched by March 20th, 2012.

Microsoft reference URL: http://technet.microsoft.com/en-us/security/bulletin/ms12-020

For assistance contact servicedesk@fnal.gov.
Information compiled and maintained by Computer Security Team; last modified on Nov 11, 2011.
(Address comments about page to the Computer Security Team.)