Navigation section
ms12-020
About this tag
MS12-020 is a critical security bulletin from Microsoft addressing vulnerabilities in the Remote Desktop Protocol (RDP) that could allow remote code execution. The update resolves two privately reported issues, with the most severe enabling an attacker to execute code by sending specially crafted RDP packets to an affected system. Proof-of-concept code for denial of service was publicly released shortly after the bulletin, though remote code execution exploits were not confirmed at that time. Microsoft urged customers to deploy the update promptly and provided a one-click Fix It tool to mitigate risk. Systems without RDP enabled are not vulnerable. This tag covers discussions about the bulletin, its impact, and mitigation steps.
-
Proof-of-Concept Code available for MS12-020
On March 15, we became aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020, which we released Tuesday. We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution...- News
- Thread
- active protections program confidentiality consumer protection cve-2012-0002 denial of service deployment extended security updates mapp microsoft mitigation ms12-020 optimal decisions proof of concept remote code execution security software vendors threat landscape trustworthy computing update vulnerability
- Replies: 0
- Forum: Security Alerts
-
MS12-020 - Critical : Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
Severity Rating: Critical Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an...- News
- Thread
- bulletin critical ms12-020 rdp remote code execution remote desktop security technet vulnerability windows update
- Replies: 0
- Forum: Security Alerts