Your company's ad could live here and reach over 50,000 people a month!

Share This Post

Microsoft digs deeper into the latest security release and urges you to update

If you weren’t incensed enough already to get the latest round of Microsoft patches rolled out, Microsoft is wanting to make sure you are completely aware of issues if you wait.

From their latest post:

Security Update MS12-020 addresses two vulnerabilities in Microsoft’s implementation of the Remote Desktop Protocol (RDP). One of the two, CVE-2012-002, is a Critical, remote code execution vulnerability affecting all versions of Windows. This blog post shares additional information with the following goals:

  • To strongly encourage you to make a special priority of applying this particular update;
  • To give you an option to harden your environment until the update can be applied.

Note that CVE-2012-0002 was privately reported and we are not aware of any attacks in the wild. Additionally, the remote desktop protocol is disabled by default. However, due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.

We understand and appreciate that our customers often need time to evaluate and install bulletins as appropriate for their environment. For systems running RDP without Network-Level Authentication (NLA) enabled, this post includes information on a mitigation that may be applied in advance of the bulletin.

Read the full article:  CVE-2012-0002: A closer look at MS12-020’s critical issue

Share This Post

A community professional, keynoter, and evangelist who has driven social media and marketing strategies, editorial successes, delivered customer successes and built some of the largest and longest-running online communities. Rod has created, managed and grown small, medium, and mega-sized conferences; run entire editorial teams to deliver record traffic and market leadership; as product manager, directed the success of hundreds of product releases; supported sales and marketing to ensure customer success; developed, run and sold businesses; written thousands of technical articles, white papers, case studies, and technical documentation; hosted and delivered hundreds of attendance shattering webinars and virtual tradeshows; and delivered keynote speeches and sessions at a wide variety of events including conferences, webinars, events, and user groups.

Leave a Reply