Microsoft Fixes Major PC Flaw with Security Update

Microsoft says it has fixed only one 'critical' security flaw this Patch Tuesday. However, it appears to be a highly significant vulnerability.

For those not familiar with the terminology, 'critical' vulnerabilities are those rated to be most in need of addressing.

Flaw Could Allow Remote Code Execution

The 'critical' security flaw is a remote code execution vulnerability in Microsoft's Remote Desktop Protocol (RDP). Every version of Windows is reportedly left vulnerable by the problem.

So long as the vulnerability remains unpatched, Microsoft says, a hacker who is able to convince a computer user to run certain code on their Windows system can probably breach that system via remote hijacking.

Microsoft further acknowledges that knowledgeable hackers could use this flaw to succeed in hijacking a computer even without possessing legitimate network credentials.

In the most likely scenario, a hijacker could exploit the vulnerability and go on to install software, view sensitive information, alter or delete important data, and override existing user accounts on the hijacked computer. (Source: pcmag.com)

Luckily, by default RDP is not enabled on most Windows machines. However, it is frequently turned on within many business environments for remote log-in purposes.

If an IT administrator forgets to disable RDP after using it, a computer system -- or even an entire network -- could be left vulnerable to remote attack.

Because this flaw is so serious and important, Microsoft is urging all system administrators to update their systems immediately with the Windows patch released on March 13, 2012.

Security experts, like McAfee Labs director of advanced research and threat intelligence Dave Marcus, agree. "An unauthenticated remote code execution is pretty much as bad as it gets," Marcus said. (Source: pcmag.com)

RDP Threats Not Particularly New

Other experts point to previous examples of RDP exploitation as good reason to install Microsoft's fix as soon as possible.

"Last fall we saw the RDP worm Morto attacking publicly exposed Remote Desktop services across businesses of all sizes," said Kurt Baumgartner, senior security researcher for Kaspersky Lab.

"The Morto worm incident brought attention to poorly secured RDP services. Accordingly, this Remote Desktop vulnerability must be patched immediately." (Source: eweek.com)

Beyond advising the immediate implementation of Microsoft's most recent Patch Tuesday fix, security experts are also using the occasion to remind IT administrators to disable RDP unless it's absolutely necessary.

There are five other security bulletins being addressed by Microsoft this month, but none is rated 'critical.'