Home / bulletins MS11-017 - Important: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062) - Version:1.1
Posted on 08 March 2011
There is an newer version: MS11-017 - Version: 1.5
ImportantSeverity Rating: Important - Revision Note: V1.1 (March 8, 2011): Corrected the Systems Management Server table entries for SMS 2.0 and SMS 2003 with SUIT for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2. These are informational changes only. There were no changes to the security update files or detection logic.Summary: This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
Other versions
- MS11-017 - Version: 1.1
- MS11-017 - Version: 1.2
- MS11-017 - Version: 1.3
- MS11-017 - Version: 1.4
- MS11-017 - Version: 1.5
