Home / bulletins MS11-017 - Important: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - Version:1.2
Posted on 10 March 2011
There is an newer version: MS11-017 - Version: 1.5
ImportantSeverity Rating: Important - Revision Note: V1.2 (March 9, 2011): Corrected the Non-Affected Software component entries for the service pack 1 versions of Windows 7 and Windows Server 2008 R2 from Remote Desktop Connection 7.0 Client to Remote Desktop Connection 7.1 Client. These are informational changes only. There were no changes to the security update files or detection logic.Summary: This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
Other versions
- MS11-017 - Version: 1.1
- MS11-017 - Version: 1.2
- MS11-017 - Version: 1.3
- MS11-017 - Version: 1.4
- MS11-017 - Version: 1.5
