A Windows Security Update You MUST Install (KB2621440)

Every second Tuesday of the month Microsoft publishes a set of security bulletins along with security updates (patches) that address the flaws described in the bulletins. Every IT gal and guy knows this, so we simply build the security update review and deployment process into our planned maintenance schedule. Sometimes, however, a security bulletin makes us sit up a little straighter and re-adjust our schedule. Today was one of those days.

Microsoft’s security bulletin MS12-020 details a vulnerability in the Windows Remote Desktop Protocol (RDP) service. This is a feature used to log in to a computer over the network and is present on versions of Windows used in business (Windows XP Professional, Vista and Windows 7 Professional/Enterprise) as well as some home/consumer versions (Ultimate editions of Vista and Windows 7). Although it is not enabled by default in Windows, RDP is often used extensively on Windows servers.

Most security flaws require the computer user to take some sort of action before the flaw can be exploited. MS12-020 is different! Because of this flaw, if RDP is enabled on the target system, an attacker could run a malicious program on it over the network (remotely!) with full permissions. This means that a notebook user sitting in a coffee shop and using the free WiFi service could have unwanted software installed on their system without being aware of it!

Moreover, if the malicious software is designed carefully, it could automatically start looking for other vulnerable computers on the network and infect them; computer security folk refer to this as a “self-propagating worm.” The consequence of this type of infection is that as the compromised computer moves from network to network (e.g. from the coffee shop to home and then to work) it will infect other computers on each network. Those computers, in turn, will then also become vectors for worm propagation.

What should you do? Ensure that the KB2621440 update is installed as soon as possible. Refer to our How to apply Windows Updates article for details on how to do so.

This would also be an excellent time to ensure that your antivirus program is up to date, that Automatic Updates is enabled on your computer, and that other programs (most notably Adobe Reader, Adobe Flash and Java) are fully patched and set to check for new updates on a regular basis.
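If you manage more than a handful of machines, a quick read-only check saves clicking through Control Panel on each one. The PowerShell script below is an added example, not code from the original post: it reports whether KB2621440 is installed and whether Remote Desktop is enabled on the local machine. The Network Level Authentication (NLA) check is an extra hardening point the post itself does not discuss; the registry paths used are the standard Terminal Server locations.

```powershell
# Added example (not from the original post). Read-only status check for the
# MS12-020 update: run in an elevated PowerShell prompt on XP/Vista/7/Server.
function Test-MS12020Status {
    # 1. Is the hotfix present? Get-HotFix reads the same data shown under
    #    "View installed updates" in Control Panel.
    $kbInstalled = [bool](Get-HotFix -Id 'KB2621440' -ErrorAction SilentlyContinue)

    # 2. Is Remote Desktop enabled? fDenyTSConnections = 0 means incoming
    #    RDP connections are allowed, 1 means they are refused.
    $tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $deny  = (Get-ItemProperty -Path $tsKey -Name 'fDenyTSConnections' `
                -ErrorAction SilentlyContinue).fDenyTSConnections
    $rdpEnabled = ($deny -eq 0)

    # 3. Is Network Level Authentication required? UserAuthentication = 1
    #    makes the client authenticate before a full session is set up
    #    (Vista and later). Not covered by the post above; included as an
    #    additional hardening check.
    $rdpTcpKey = "$tsKey\WinStations\RDP-Tcp"
    $nla = (Get-ItemProperty -Path $rdpTcpKey -Name 'UserAuthentication' `
                -ErrorAction SilentlyContinue).UserAuthentication
    $nlaRequired = ($nla -eq 1)

    # New-Object keeps this working on the PowerShell 2.0 that ships with Windows 7.
    New-Object -TypeName PSObject -Property @{
        ComputerName = $env:COMPUTERNAME
        KB2621440    = $kbInstalled
        RDPEnabled   = $rdpEnabled
        NLARequired  = $nlaRequired
        ActionNeeded = ($rdpEnabled -and -not $kbInstalled)
    }
}

$status = Test-MS12020Status
$status | Format-List ComputerName, KB2621440, RDPEnabled, NLARequired, ActionNeeded

if ($status.ActionNeeded) {
    Write-Warning 'Remote Desktop is enabled and KB2621440 is missing: install the update now.'
} elseif (-not $status.KB2621440) {
    Write-Host 'KB2621440 is not installed. RDP is off, but install the update anyway.'
} else {
    Write-Host 'KB2621440 is installed.'
}
```

On Windows XP, PowerShell is an optional download rather than a built-in component, so the Control Panel route in the post remains the simplest check there.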


Updated 14-Mar-2012: Even though the Remote Desktop (RDP) feature is not available on “Home” versions of Windows, the update will still be offered and should be installed on:

  • Windows 7 Home Basic or Home Premium
  • Vista Home Basic or Home Premium
  • Windows XP Home

