Call Us Today - 325.895.5721
Live Chat

Microsoft warns: Expect exploits for critical Windows worm hole

If your company uses Remote Desktop, this warning is for you. An update for Microsoft’s MS12-020 is available and should be installed right away.

According to a bulletin posted by Microsoft, there’s a vulnerability in the implementation of the Remote Desktop Protocol (RDP). Specifically, “This issue is potentially reachable over the network by an attacker before authentication is required. RDP is commonly allowed through firewalls due to its utility. The service runs in kernel-mode as SYSTEM by default on nearly all platforms (except for one exception described below). During our investigation, we determined that this vulnerability is directly exploitable for code execution. Developing a working exploit will not be trivial – we would be surprised to see one developed in the next few days. However, we expect to see working exploit code developed within the next 30 days,” said Microsoft.

There is one way to protect yourself before the update is installed, and that’s to enable network level authentication (NLA). Enabling NLA won’t stop a hacker from exploiting the vulnerability for code execution, but the need to authenticate to the server first might be a deterrent.

Microsoft has provided instructions for enabling NLA interactively or via group policy here, or you can use the “Fix it” button here.

Is your business concerned about your overall IT security?  Don’t be, trust our team of Microsoft Professionals and top IT security specialists to take care of all your IT security requirements.  Call us today.

Comments are closed.

Texas IT Support
Texas IT Support Now!

Fill in your contact details below and a member of our West Texas IT support team will be in touch with you.

I'm interested in:

I need help with:

When can we call you?


Jason is my go to guy whenever we have any IT issues or new plans for expansion of our IT requirements. He is always proactive and I feel that we never have to worry that our system is not up to date. SniderIT brings solutions to us so we do not have to go looking for them.

Jarrod Stokes
San Angelo Packing Company
Read more››