Microsoft’s Guidance on CVE-2012-0002

First: Microsoft’s Remote Desktop Protocol is disabled on Windows by default. So most computers are unaffected by issues highlighted as a result of the month’s “Patch Tuesday”. However: If you administer RDP enabled workstations — then you probably should read Microsoft’s Security Research & Defense post about CVE-2012-0002.


CVE-2012-0002 was privately reported to Microsoft, and there are no reports of it being exploited in the wild. But it’s only a matter of time before the patch is reverse, and this vulnerability is exploitable.

So read Microsoft’s post, schedule, test, and deploy. And do it sooner than later.

On 14/03/12 At 01:03 PM

Read more: Microsoft’s Guidance on CVE-2012-0002

Story added 15. March 2012, content source with full text you can find at link above.