Microsoft: 'We urge you to promptly apply this security update'

Microsoft regularly patches its various Windows versions to fix bugs and close exploitable holes, but the latest security update, released on Tuesday, is getting some special attention from the company. In a blog post, Microsoft said that the update, MS12-020, should be downloaded and installed right away by users of Windows XP, Vista and 7. The same bulletin also covers the server editions of that era (Windows Server 2003, 2008 and 2008 R2), which is where exposed RDP listeners are most often found.

The vulnerability in question (CVE-2012-0002) is in the Remote Desktop Protocol (RDP) implementation in Windows. It is a remote code execution flaw that needs no credentials: an attacker could run code of their choosing on an affected PC " ... if an attacker sends a sequence of specially crafted RDP packets to an affected system." RDP listens on TCP port 3389 by default, so any machine that exposes that port to an untrusted network is within reach of such an attacker.

The good news? The flaw was reported privately to Microsoft by an anonymous third party rather than discovered in active attacks. In addition, Remote Desktop is disabled by default on every version of Windows, so a system on which it was never turned on is not at risk. Where it is enabled, Microsoft lists two mitigations short of patching: blocking TCP port 3389 at the firewall (or only allowing it over a VPN), and, on Vista, Windows 7, Server 2008 and Server 2008 R2, requiring Network Level Authentication (NLA), which forces an attacker to authenticate before the vulnerable code path is reached.
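To turn those mitigations into a concrete check, the following PowerShell script is an added example (it is not from the article or from Microsoft). It reads the registry values that control Remote Desktop, looks for a listener on the configured port, and checks whether the MS12-020 hotfix is installed. It assumes it is run elevated on XP/Vista/7 or Server 2003/2008/2008 R2 with PowerShell 2.0 or later; the KB number is a parameter, defaulting to the one Microsoft associated with MS12-020, and should be confirmed against the bulletin for your edition before you rely on it.

```powershell
# Added example (not the article's or Microsoft's code): audit a host's
# exposure to the MS12-020 RDP flaw and check whether the fix is present.
# Assumptions: run elevated, PowerShell 2.0+, XP/Vista/7/2003/2008/2008 R2.
# $MsKbNumber is an assumption: verify the KB for your edition in the bulletin.
param(
    [string]$MsKbNumber = 'KB2621440'
)

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = "$tsKey\WinStations\RDP-Tcp"

# Read a single registry value, falling back to a default if it is absent.
function Get-RegValue($Path, $Name, $Default) {
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item -eq $null) { return $Default }
    return $item.$Name
}

# 1. Is Remote Desktop enabled at all? fDenyTSConnections = 1 means disabled
#    (the Windows default), 0 means connections are accepted.
$rdpEnabled = (Get-RegValue $tsKey 'fDenyTSConnections' 1) -eq 0

# 2. Which port, and is NLA required? UserAuthentication = 1 forces NLA, so on
#    Vista/7/2008/2008 R2 an attacker must authenticate before reaching the
#    vulnerable code. SecurityLayer: 0 = legacy RDP, 1 = negotiate, 2 = TLS.
$port     = Get-RegValue $rdpKey 'PortNumber' 3389
$nla      = (Get-RegValue $rdpKey 'UserAuthentication' 0) -eq 1
$secLayer = Get-RegValue $rdpKey 'SecurityLayer' 0

# 3. Is anything actually listening on that port? netstat works back to XP,
#    unlike Get-NetTCPConnection, which only exists on Windows 8/2012 and later.
$listening = (netstat -an) | Where-Object { $_ -match "TCP\s+\S+:$port\s+\S+\s+LISTENING" }

# 4. Is the MS12-020 update installed?
$patched = (Get-HotFix -ErrorAction SilentlyContinue |
            Where-Object { $_.HotFixID -eq $MsKbNumber }) -ne $null

$result = New-Object PSObject -Property @{
    RdpEnabled       = $rdpEnabled
    RdpPort          = $port
    Listening        = [bool]$listening
    NlaRequired      = $nla
    SecurityLayer    = $secLayer
    Ms12020Installed = $patched
}
$result | Format-List

# 5. Verdict: only an enabled, listening, unpatched host is exposed; NLA
#    narrows the attacker to authenticated users but does not fix the bug.
if ($rdpEnabled -and $listening -and -not $patched) {
    if ($nla) {
        Write-Warning "RDP listening on TCP/$port without $MsKbNumber; NLA reduces but does not remove the risk. Patch."
    } else {
        Write-Warning "RDP listening on TCP/$port with no NLA and no $MsKbNumber: unauthenticated RCE path. Patch now or block TCP/$port at the perimeter."
    }
}
```

Run it as `.\Check-Ms12020.ps1` (or with `-MsKbNumber` overridden) on each host that has ever had Remote Desktop or Terminal Services turned on; a host that reports `RdpEnabled : False` and `Listening : False` is not reachable by the crafted packets, but should still take the update at the next maintenance window so that enabling RDP later does not silently reopen the hole.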

Nevertheless, Microsoft is still strongly recommending that all Windows users grab and install the security update, saying:

Developing a working exploit will not be trivial – we would be surprised to see one developed in the next few days. However, we expect to see working exploit code developed within the next 30 days.

The update should be available automatically via Windows Update, so what are you waiting for? Patch it up right now!


Tablets run software just the same, and every major tablet OS has been the recipient of some form of security update. This update is particularly important because it specifically affects remote access servers, which is generally not a feature that most tablets support.

However, if you were to install SSH or VNC on your tablet so you could gain some utility of the device while not directly in front of it, there's no reason they couldn't become susceptible to similar attacks and require similar updates. It's the nature of the beast.

Well... on my end the only affected workstation is the one at work, 'cause we all still use XP.
I'm using W8 at home, so I'm guessing this exploit does not affect W8 systems?

In addition, the remote desktop protocol is disabled by default in all versions of Windows.

in all desktop versions of Windows.

XP/Vista/7 need the patch ... what about 2003/2003R2/2008/2008R2? I have trouble bringing down our production servers with such little notice.

Xenomorph said,
XP/Vista/7 need the patch ... what about 2003/2003R2/2008/2008R2? I have trouble bringing down our production servers with such little notice.

If your systems are not running RDP, or are running RDP and do not have ports forwarded and you are using a VPN server/client setup like you should be, it isn't much risk to you; apply it at your next patch cycle.

Would restarting the Terminal Server/Client Services allow this patch to be applied without a reboot?

I also would prefer to apply, but hold off on a reset of my servers.

Xenomorph said,
XP/Vista/7 need the patch ... what about 2003/2003R2/2008/2008R2? I have trouble bringing down our production servers with such little notice.

Do you not have a regimented / agreed patch or maintenance window? I don't understand ANY place that doesn't make time to keep Windows fully patched. Non-24/7 places can do the maintenance out of hours, and 24/7 places should have built highly available systems where you can do rolling updates, failing over with mirroring / HA technologies.

xendrome said,

If your systems are not running RDP, or are running RDP and do not have ports forwarded and you are using a VPN server/client setup like you should be, it isn't much risk to you; apply it at your next patch cycle.


And if we do fall into the categories you have mentioned?

Chicane-UK said,

Do you not have a regimented / agreed patch or maintenance window? I don't understand ANY place that doesn't make time to keep Windows fully patched. Non-24/7 places can do the maintenance out of hours, and 24/7 places should have built highly available systems where you can do rolling updates, failing over with mirroring / HA technologies.

That perfect world you live in must be nice.

I wish MS could provide info as to why my Windows 7 box at work cannot connect to an NLA-enabled Server 2008/R2 server. It tells me that my workstation is not capable of doing that. Yet it does work using the MRemoteNG application....

Haven't found anything on Google to fix this issue.

briangw said,
I wish MS could provide info as to why my Windows 7 box at work cannot connect to an NLA-enabled Server 2008/R2 server. It tells me that my workstation is not capable of doing that. Yet it does work using the MRemoteNG application....

Haven't found anything on Google to fix this issue.


NLA needs your PC set up with AD domain login, AFAIK, and you need to log in from a domain account.

n_K said,

NLA needs your PC set up with AD domain login, AFAIK, and you need to log in from a domain account.

Yep, this is a work PC on a domain. The funny thing is, it works from a co-worker's PC but not from mine. And, it does work from mine if I am using MRemoteNG.

DJGM said,
This affects Windows XP, Vista and 7 ... but does it affect Windows 8CP as well?

Maybe, but you shouldn't be running the CP on your production systems.

Panda X said,

Who said it was his production system?

Well, why else would you care if it affected your Win 8 system or not? If it's a test system to play around with Win 8, then you wouldn't care, since you have nothing of any importance on there (not to mention you probably wouldn't have it running 24x7, making it less susceptible to exploits by "specially crafted RDP packets").

Tim Dawg said,
Well, why else would you care if it affected your Win 8 system or not? If it's a test system to play around with Win 8, then you wouldn't care, since you have nothing of any importance on there (not to mention you probably wouldn't have it running 24x7, making it less susceptible to exploits by "specially crafted RDP packets").

Perspective is a wonderful thing - consider someone else's as well as your own.

I'm using Win8 full time because I'm actively developing for Windows 8 - thus I do care. End of.

Panda X said,
Who said it was his production system?

Point being is that MS rarely issue patches for Beta software.
I can only think of two open betas that had security patches pushed before RC.

Cyborg_X said,
No patch, just MSE defs.

Yesterday was Patch Tuesday, so it was probably already applied if you have automatic updates on.