Home / bulletins MS12-036 - Critical : Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) - Version: 1.1
Posted on 13 June 2012
There is an newer version: MS12-036 - Version: 1.3
CriticalSeverity Rating: Critical
Revision Note: V1.1 (June 13, 2012): Added a workaround in the Vulnerability Information section that explains how to enable Network Level Authentication on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.Other versions
- MS12-036 - Version: 1.0
- MS12-036 - Version: 1.1
- MS12-036 - Version: 1.2
- MS12-036 - Version: 1.3
