Addressing the Issue Around the Windows Remote Desktop Protocol Server Flaw (MS012-020)
We’ve gotten a number of questions from customers who are concerned about the Remote Desktop Protocol (RDP) vulnerability addressed by Microsoft on Tuesday with their security bulletin MS012-020. We wanted to take a moment to update you on this.
This bulletin addresses a critical, remote execution vulnerability affecting Microsoft Windows systems that have RDP enabled. While this is not enabled by default on Windows systems, RDP provides remote access functionality that many environments utilize, thus potentially putting them at risk. This vulnerability is highly critical because it can be exploited even by unauthenticated users. Another fact that’s special about this vulnerability is that it affects all versions of Windows. Hence, it’s important to take mitigating steps.
Trend Micro customers who run Deep Security or the Intrusion Defense Firewall (IDF) who have applied the latest updates (Deep Security update DSRU12-006 and IDF update 12007) have protections against attempts to exploit this vulnerability. These updates were released on Tuesday March 13 and Wednesday March 14 , respectively. As a member of the Microsoft Active Protections Program (MAPP), Trend Micro received information from Microsoft as part of their regular security update release process to provide these protections to Trend Micro customers.
As part of their regular security update process, Trend Micro customers should regularly update these products to get the latest protections against exploits for these vulnerabilities.
In accordance with Microsoft’s guidance, Trend Micro customers are encouraged to test and deploy the Microsoft security updates as soon as possible. More detailed information about the vulnerabilities addressed in this security update is available from Microsoft at their Security Research and Defense blog.
Post from: TrendLabs | Malware Blog – by Trend Micro