MS11-017 - Important : Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (250

Discussion in 'Security Alerts' started by News, Sep 8, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Important
    Revision Note: V1.5 (May 4, 2011): Corrected the bulletin replacement information for Remote Desktop Connection 5.2 Client on supported editions of Windows XP Service Pack 3. This is a bulletin change only. There were no changes to the detection or security update files.
    Summary: This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.


Share This Page