Exploit code published for RDP worm hole
I don’t always post on Windows security updates, but when I do, it’s
a Dos Equis near to my heart! Do you use Remote Desktop? Of course you do. That’s why you need to install this update immediately:
MS12-020: Vulnerabilities in Remote Desktop could allow remote code execution
This is important for anyone running just about any version of Windows, but especially if you’ve got any machine exposing Remote Desktop directly to the internet (such as a Terminal Server). Fortunately there is a mitigation for those who just cannot patch tonight: enable NLA for your Remote Desktop connections.
Read more here.
Hop to it! Microsoft says not to wait for a normal patch-cycle on this one…
Was reading up on this last night, a nasty vulnerability. I’d imagine people are working on a real-world exploit as we speak.
This could lead to a nasty RDP worm too, so definitely worth patching internally.