Does your organization run a Terminal Server (Remote Desktop Services server)? Or does your Windows desktop have Remote Desktop Protocol (RDP) enabled? If so, you need to deploy Microsoft’s security update!
A critical vulnerability found in Microsoft Windows could allow an attacker to execute remote control on a Windows system that has Remote Desktop Protocol (RDP) enabled. The attacker just needs to send a specially crafted sequence of packets to the targeted system. The attacker could then take complete control of the affected system, including installing programs; viewing, changing or deleting data; or creating new accounts with full user rights. The outcome of the attack could also be a denial of remote desktop service (DOS). Windows Systems that do not have RDP enabled are not at risk. Microsoft has issued a security update that is rated as critical for Windows 7, Windows 8, and Windows Server 2012. When this patch is implemented, it modifies how the terminal service handles the packets to protect your system.
Not sure if your Operating System has RDP enabled? Read on.
RDP “provides a user with a graphical interface to connect to another computer over a network connection.” In other words, it enables you to remotely connect to a computer that is running Windows from another computer running Windows if both computers are connected to the same network or to the Internet. For instance, you can connect into your office computer from your home computer and your monitor will display your work computer desktop. It will appear as if you are sitting at your work computer and you will be able to use your programs, files and network resources as if you were at the office. RDP is not enabled by default; it must be set up. To use RDP, your work computer must be turned on, you must have a network connection, Remote Desktop must be enabled, you must have network access to the remote computer, and you must be on the list of users with permission to connect through the firewall. You also will need a password to start a connection with the remote computer.
If your business is not installing updates (or if your IT company is not installing them for you), your systems are at risk. Big Idea Technology deploys security updates for our clients to keep their systems secure. We have already updated our clients’ systems with this patch (MS15-067). Has your Windows system been patched?