If you weren’t incensed enough already to get the latest round of Microsoft patches rolled out, Microsoft is wanting to make sure you are completely aware of issues if you wait.
From their latest post:
Security Update MS12-020 addresses two vulnerabilities in Microsoft’s implementation of the Remote Desktop Protocol (RDP). One of the two, CVE-2012-002, is a Critical, remote code execution vulnerability affecting all versions of Windows. This blog post shares additional information with the following goals:
- To strongly encourage you to make a special priority of applying this particular update;
- To give you an option to harden your environment until the update can be applied.
Note that CVE-2012-0002 was privately reported and we are not aware of any attacks in the wild. Additionally, the remote desktop protocol is disabled by default. However, due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.
We understand and appreciate that our customers often need time to evaluate and install bulletins as appropriate for their environment. For systems running RDP without Network-Level Authentication (NLA) enabled, this post includes information on a mitigation that may be applied in advance of the bulletin.
Read the full article: CVE-2012-0002: A closer look at MS12-020’s critical issue