RDP Vulnerability


Joined
Mar 6, 2012
Messages
5
Reaction score
1
New Windows flaw to spark Conficker 2.0?

Microsoft is urging administrators to patch their machines after it discovered a vulnerability that could allow hackers to take complete control of PCs running Windows and potentially pave the way f...or the next Conficker worm or worse.

"Due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days,"

HackLabs director Chris Gatford said that a comparable vulnerability would be MS08-67, discovered in 2008, which affected Windows XP, 2000, Vista, Server 2003, Server 2008 and the then pre-beta version of Windows 7. It took hackers only four days to release an exploit for MS08-67 and it went on to become a key vector of attack for several worms, including Conficker, which went on to arguably become one of top 10 viruses that changed the world.

http://www.zdnet.com.au/new-windows-flaw-to-spark-conficker-20-339333749.htm

The RDP Service which was patched and closed just over 24hrs ago, But some security researchers and IT Administrators think it's far more serious.

The vulnerability exists in all currently-supported versions of Windows, i.e. back to Windows XP and Windows Server 2003.

A vulnerability in a widely-deployed internet-facing service that exists in every version of Windows is particularly attractive ...to criminals.

Even though patch MS12-020 was released Tuesday to fix the problem, many systems will remain unpatched and vulnerable for weeks or even months. And because Microsoft has released the patch, the bad guys can now start reverse engineering it to develop an exploit.

Personaly; "I would think that we'll see this getting exploited within a week" "I believe on past experience that exploit code is probably 10 days off, and highly likely in 30 days,"

"Because of the number of instances of this protocol sitting out on the web there are, and the type of vulnerability it is, I wouldn't be surprised if it turns into a worm at some point, and we could have another Conficker Worm like the one in 2008 or it could end up being something like Blaster or Sasser worms from 2003".
 
Ad

Advertisements

Ian

Administrator
Joined
Oct 17, 2008
Messages
3,482
Reaction score
632
Interesting article - an RDP exploit could cause massive damage! Most people will have RDP disabled for home use (I guess), but I can think of plenty of mid-size businesses that use it and are terrible with patching systems.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top