SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Windows Remote Desktop Vendors:   Microsoft
Windows Remote Desktop Protocol Bugs Let Remote Users Deny Service and Execute Arbitrary Code
SecurityTracker Alert ID:  1026790
SecurityTracker URL:  http://securitytracker.com/id/1026790
CVE Reference:   CVE-2012-0002, CVE-2012-0152   (Links to External Site)
Updated:  Jun 13 2012
Original Entry Date:  Mar 13 2012
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Two vulnerabilities were reported in Windows Remote Desktop. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

The system does not properly access an object in memory that has been improperly initialized or has been deleted [CVE-2012-0002]. A remote user can send a series of specially crafted RDP protocol data to execute arbitrary code on the target system.

If Network Level Authentication is enabled, the remote user must first authenticate to Remote Desktop Services.

Luigi Auriemma (via TippingPoint's Zero Day Initiative) reported this vulnerability.

A remote user can send a series of specially crafted RDP protocol data to cause the RDP service to stop responding [CVE-2012-0152].

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can cause the RDP service to stop responding.

Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=18a1fe48-1318-4b93-afad-206950bb1ae5

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=eccf865d-399a-4862-b26f-f35580419875

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=b69b4b9b-c0a1-4c1e-b081-8529eaf1536a

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=8081e67f-288c-4714-bff8-e0ff9777692f

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=521baa02-5d7a-4cba-8a1a-2af1b6e4cbe4

Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=39abdf7b-ea9d-4b95-a28d-4140374d531d

Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=e5970daf-4440-42fa-8efc-e6190c6a22aa

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=fef2c1d7-2004-43d7-aa49-673c6f374670

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=4ffae13f-3432-4849-a2da-a76f96d7ceb3

Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=67581250-50fd-4f4c-a3cc-45ce2662b0c3

Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=16b0195c-84d3-4c08-8b98-ff2c80d144e1

Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=40b62d08-d2a2-4900-b01c-46fc761973d0

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=7c1774cc-e00c-47f3-97a2-bc90de857793

Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=6a07f99c-8ab4-4e44-8d48-6ac787dd2b51

A restart is required.

[Editor's note: On June 12, 2012, Microsoft reissued MS12-020 to reoffer security update KB2667402 on all supported editions of Windows 7 and Windows Server 2008 R2. Customers using Windows 7 or Windows Server 2008 R2 should install the reofferred update, including those who have already successfully installed the original update.]

The Microsoft advisory is available at:

http://technet.microsoft.com/en-us/security/bulletin/ms12-020

Vendor URL:  technet.microsoft.com/en-us/security/bulletin/ms12-020 (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (2003), Windows (2008), Windows (7), Windows (Vista), Windows (XP)
Underlying OS Comments:  XP SP3, 2003 SP2, 2008 R2 SP1, Vista SP2, 7 SP1, 2008 SP2; and prior service packs

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC