Windows users are being urged to install a patch for a critical flaw in Windows’ Remote Desktop Protocol which can lead to remote code execution.
Microsoft is warning Windows users the world over to apply the security patch released yesterday as soon as possible, following the discovery of a flaw in the Remote Desktop Protocol (RDP) server.
Security Update MS12-020, released as part of the monthly Patch Tuesday update cycle yesterday, is rated ‘critical’ by the organisation and addresses a serious flaw with the server used to provide remote access to Windows-based systems.
The company has warned that the flaw allows an attacker to exploit any Windows system running the RDP service over the network, and potentially over the internet providing RDP access is permitted through the firewall as is common for remote access. Worse still, the flaw can be exploited before authentication is requested and allows for remote code execution under the ‘system’ privilege level, giving attackers full and unrestricted access to the underlying operating system.
Is this automatically installed with the windows updates or do we have to download patch ourselves separately.
I’ve looked at my auto updates from microsoft and this update has not been loaded as of yet. Wondering the same thing as Carol.
Ditto to the above. I did a Windows Update “check for updates” and received “there are no updates available for your computer”. Does this mean it won’t be available until Tuesday?
Does this mean we HAVE to install this patch and should we? I’m still on XP.
OK how come no one has answered this one???