Tag Archives: Microsoft Black Tuesday

Internet Explorer Still Vulnerable

Regarding IE 2012 Year End Vulnerability there is ‘Fix it’ available however there is no patch in Microsoft’s January Security Updates.  This could lead to an out-of-cycle patch and the current guidance is:

Leave a Comment

Critical Vulnerabilities in Remote Desktop MS12-020

Microsoft Security Bulletin MS12-020 says, “vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.”

  • It can be exploited over the network.
  • Companies often make RDP accessible on the standard TCP port 3389 from the Internet for remote access to servers and sometimes workstations.

SANS recommend applying the MS12-020 patch as quickly as practical in your environment. Until you install the patch, consider moving your RDP listeners to non-standard ports.  Additionally having NLA enabled, the vulnerable code is still present and could potentially be exploited for code execution. However, NLA would require an attacker to first authenticate to the server before attempting to exploit the vulnerability.

Reference:
KB 2671387

Leave a Comment