Home / bulletins MS09-044 - Critical: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927) - Version:2.0
Posted on 26 August 2009
CriticalSeverity Rating: Critical - Revision Note: V2.0 (August 25, 2009): Corrected the download link for RDP Version 5.2 for Windows XP Service Pack 2 (KB958469). Also corrected the footnote that prescribed an erroneous install sequence for KB958471 and KB958470. Customers who have successfully installed these updates do not need to reinstall.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-044 - Version: 1.0
- MS09-044 - Version: 2.1
- MS09-044 - Version: 1.2
- MS09-044 - Version: 2.0
