ms13-029

MS13-029 is a critical security bulletin from Microsoft addressing a vulnerability in the Windows Remote Desktop Client that could allow remote code execution if a user views a specially crafted webpage. The update resolves a privately reported flaw and is rated critical because an attacker who successfully exploits it can gain the same user rights as the current user. Users with administrative rights are at greater risk. The bulletin was originally published on April 9, 2013, and later revised on June 25, 2013, to rerelease the update for Remote Desktop Connection 7.0 Client on Windows XP Service Pack 3. Microsoft strongly recommends that affected customers apply the security update immediately.