Results 1 to 13 of 13
-
03-14-2012, 11:48 AM #1WHT Addict
- Join Date
- Jul 2008
- Location
- Dallas, TX
- Posts
- 107
Critical Vulnerability in Windows RDP, Patch Now (MS12-020)
Yesterday during Microsoft's Patch Tuesday they announced a patch for a critical vulnerability in Windows Remote Desktop. If exploited, the vulnerability would allow anyone to remotely run commands on your server.
This bug affects all versions of Windows (XP - 7/2008 R2)
If you have a server or workstation running RDP please patch it now. There currently is no known exploit, but Microsoft believes there will be one in the next 30 days. However, it is very likely there will be something sooner.
A temporary fix is to enable NLA (Network Layer Authentication). This would require the attacker to have valid login credentials, however if successfully exploited the remote commands would run as the SYSTEM user and not the user authenticated.
The patch is available from Windows Update and there are manual patches linked below.
http://technet.microsoft.com/en-us/s...letin/ms12-020
http://blogs.technet.com/b/srd/archi...cal-issue.aspxRyan G. - Limestone Networks - Network Engineer
Cloud, Dedicated, & Enterprise Hosting - Premium Network - Passionate Support
Resell Dedicated Servers - @LimestoneInc - 877.586.0555 x1
-
03-14-2012, 07:51 PM #2Junior Guru Wannabe
- Join Date
- Apr 2002
- Posts
- 76
Thanks for the heads up.
It is a good idea to have NLA always enabled, BTW.
-
03-15-2012, 09:30 AM #3
Thanks for sharing, Ryan!
Jason Canady • Unlimited Net, LLC
812.669.0551 • sales [at] unlimitednet.us
Midwest Hosting Solutions • AS11990
Dedicated Server Hosting
-
03-15-2012, 11:08 AM #4WHT Addict
- Join Date
- Dec 2006
- Posts
- 131
Thanks for sharing! Though it's not that big of a deterrent to someone really bent on attacking my server, this thread makes me happy that I just changed the RDP port address.
Windows 2008 R2 SP1 x64
Core2Quad Q9650; 8GB ddr2
-
03-15-2012, 11:20 AM #5Randy
- Join Date
- Aug 2006
- Location
- Ashburn VA, San Diego CA
- Posts
- 4,615
Fun times!
Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
Since 2003 - Ashburn VA + San Diego CA Datacenters
-
03-15-2012, 01:12 PM #6Web Hosting Evangelist
- Join Date
- Nov 2003
- Posts
- 538
-
03-15-2012, 03:23 PM #7Quality Web Hosting Matters
- Join Date
- Mar 2006
- Location
- Servers
- Posts
- 1,590
Thanks Ryan, good job.
█ QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
█ Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
█ Italy, France, Germany,Netherlands, Switzerland, Rissia, Singapore | OpenVPN/PPTP Enabled
█ INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard
-
03-15-2012, 03:34 PM #8Aspiring Evangelist
- Join Date
- Mar 2009
- Posts
- 391
Working PoC already available to script kiddies, will crash unpatched servers..
I am told 'full version' PoC will be released tomorrow .. What a nightmare !!
http://cdn.anonfiles.com/1331835211725.rar
-
03-15-2012, 04:52 PM #9Randy
- Join Date
- Aug 2006
- Location
- Ashburn VA, San Diego CA
- Posts
- 4,615
Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
Since 2003 - Ashburn VA + San Diego CA Datacenters
-
03-15-2012, 05:32 PM #10WHT Addict
- Join Date
- May 2008
- Location
- DataCenter
- Posts
- 143
thanks for the heads up
TechWacky - The Social Tech Guide - HERE
(¯ Currently operate servers with: Wholesale Internet, EvoSwitch, DataShack
_) Previous servers: Limestone Networks, RapidSwitch, Poundhost, TailorMadeServers, JoesDC
-
03-15-2012, 06:25 PM #11WHT Addict
- Join Date
- Dec 2006
- Posts
- 131
Went to do the manual update and it said I already have it installed.
Windows 2008 R2 SP1 x64
Core2Quad Q9650; 8GB ddr2
-
03-16-2012, 05:55 AM #12Web Hosting Master
- Join Date
- Aug 2006
- Posts
- 1,171
WebSitePanel/ MspControl / SolidCP / Smartermail / Installation / Configuration / Troubleshooting / Migrations
Windows Server Management / Security / Hardening
I speak English and Spanish
-
03-16-2012, 12:20 PM #13Disabled
- Join Date
- Mar 2012
- Posts
- 71
Thanks for the alert Limestone. Really helpful I hope more people see this thread and patch their Windows machines.
Similar Threads
-
RDP Windows VPS! UK & USA Locations - RDP Enabled on setup! - Full Admin Access
By 314Hosting in forum VPS Hosting OffersReplies: 0Last Post: 02-21-2012, 06:38 PM -
PHP 5.3.9 Critical Bug - Patch now
By Ramprage in forum Hosting Security and TechnologyReplies: 62Last Post: 02-08-2012, 01:07 PM -
Zen Cart Security Vulnerability Alert + Patch
By WaferVPS in forum Ecommerce Hosting & DiscussionReplies: 1Last Post: 06-28-2009, 09:31 AM -
cPanel critical vulnerability
By phiber_9 in forum Hosting Security and TechnologyReplies: 4Last Post: 03-01-2006, 02:13 PM -
Guess What, Kids? Another Critical IE Security Patch!
By BigBison in forum Web Hosting LoungeReplies: 7Last Post: 10-15-2004, 11:31 PM