Home / bulletins MS12-036 - Critical : Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) - Version: 1.2
Posted on 10 July 2012
There is an newer version: MS12-036 - Version: 1.3
CriticalSeverity Rating: Critical
Revision Note: V1.2 (July 10, 2012): Removed MS11-065 as a bulletin replaced by the KB2685939 update for Windows XP Service Pack 3, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 2, Windows Server 2003 x64 Edition Service Pack 2, and Windows Server 2003 with SP2 for Itanium-based Systems. This is an informational change only. There were no changes to the detection logic or the update files.
Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.Other versions
- MS12-036 - Version: 1.0
- MS12-036 - Version: 1.1
- MS12-036 - Version: 1.2
- MS12-036 - Version: 1.3
