Microsoft Distribute an Emergency Patch for Windows RDP
Microsoft has just released their monthly security bulletins that are designed to fix seven vulnerabilities in Windows operating system, Visual Studio, and Microsoft Expression Design. most serious two bugs are a critical one that affects Remote Desktop Protocol (RDP) and allows attacker to run a remote code on victim’s machine.
Remote Desktop Protocol (RDP) is not enabled by default on operating system but I think that it is widely used by system administrators for configuring MS based servers and desktops. On the other hand you need to not keep such service running on internet without required security measures, so you can do the following:
- Make sure that you have implemented a VPN for encrypting and authenticating your access from internet.
- Change the default port used by RDP so insiders do not detect it.
- Microsoft advice users to use Network Level Authentication (NLA) which will add authentication mechanism before the RDP login screen.
- Enable the RDP only when it is really required, so you can enable it for certain time till the operation take place and then disable it.
The remaining 5 bulletins include four with important severity and one moderate, so it is time to review these bulletins and schedule your next patches according to what you are using as software’s internally. You can read the Microsoft Security Bulletin Summary for March 2012 by following this link.