Management Portal

SECURITY ALERT: Critical Vulnerability in Windows RDP, Patch Now (MS12-020)

SECURITY ALERT: Critical Vulnerability in Windows RDP, Patch Now (MS12-020)

Dear QuadraNet Customer,
This is a notice of an active security alert which could pose a threat to your server with operating system of Microsoft Windows.

Please see the alert below:

“Yesterday, during Microsoft’s Patch Tuesday they announced a patch for a critical vulnerability in Windows Remote Desktop. If exploited, the vulnerability would allow anyone to remotely run commands on your server.

This bug affects all versions of Windows (XP – 7/2008 R2)
If you have a server or workstation running RDP please patch it now. There currently is no known exploit, but Microsoft believes there will be one in the next 30 days. However, it is very likely there will be something sooner.

A temporary fix is to enable NLA (Network Layer Authentication). This would require the attacker to have valid login credentials, however if successfully exploited the remote commands would run as the SYSTEM user and not the user authenticated.”

The patch is available from Windows Update and there are manual patches linked below.

http://technet.microsoft.com/en-us/security/bulletin/ms12-020

http://blogs.technet.com/b/srd/archive/2012/03/13/cve-2012-0002-a-closer-look-at-ms12-020-s-critical-issue.aspx

Thank you for your attention,
QuadraNet Engineering Department
1-888-5-QUADRA (578-2372)
+1-(213) 614-9371
www.QuadraNet.com
support / sales @quadranet.com

www.Twitter.com/QuadraNet
www.Facebook.com/QuadraNet
http://forum.quadranet.com