Businesses using versions of Windows from Windows XP Service Pack 3 onwards should patch a critical flaw in the software as a matter of priority, say security professionals.
Microsoft brought out a patch for the flaw on Tuesday, documented in the MS12-020 security bulletin. Hackers could use the vulnerability to take control of a computer system by sending malformed Remote Desktop Protocol (RDP) packets over the internet.
Caused by the way RDP treats an improperly initialised or deleted object in memory, the bug affects Windows XP Service Pack 3, Windows XP Professional x64 Edition Service Pack 2, iterations of Windows Server 2003 and Server 2008, Windows Vista SP2, and Windows 7.
“The vulnerability itself is accessible through the network, does not require authentication and allows code execution on the targeted machine, a highly prized combination by attackers,” said Qualys chief technology officer Wolfgang Kandek in a blog post.
“Microsoft has rated its exploitability index as 1, meaning that they expect working exploits to be out in fewer than 30 days,” he added.
Microsoft patched seven vulnerabilities with six patches on Tuesday, according to its March security bulletin. Businesses should concentrate on patching the MS12-020 RDP vulnerability, said Kandek.
“All of your focus should be on MS12-020,” said Kandek. “Within the week apply the patch on your Windows machines that are running the RDP service and are internet facing.”
RDP is popular among businesses for remotely controlling Windows machines, but is not active by default, said Kandek.
“[RDP] needs to be configured and started by the system’s owner, which then makes the vulnerability accessible,” said Kandek. “Consequently we expect that only a relatively small percentage of machines will have RDP up and running.”
Microsoft said in its bulletin that the MS12-020 patch was pushed out through automatic updates.
“Customers who have not enabled automatic updating need to check for updates and install this update manually,” said Microsoft.
“All of your focus should be on MS12-020,” said Kandek. “Within the week apply the patch on your Windows machines that are running the RDP service and are internet facing.”
RDP is popular among businesses for remotely controlling Windows machines, but is not active by default, said Kandek.
“[RDP] needs to be configured and started by the system’s owner, which then makes the vulnerability accessible,” said Kandek. “Consequently we expect that only a relatively small percentage of machines will have RDP up and running.”
Microsoft said in its bulletin that the MS12-020 patch was pushed out through automatic updates.
“Customers who have not enabled automatic updating need to check for updates and install this update manually,” said Microsoft.
All Posilan supported PC’s and servers have already been updated as part of our proactive support service.
Via: ZDNet
Recent Comments