Rapid7 VulnDB

MS09-044: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Back to Search

MS09-044: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
08/11/2009
Created
07/25/2018
Added
11/17/2009
Modified
09/09/2016

Description

This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Solution(s)

  • WINDOWS-HOTFIX-MS09-044-2582caec-08a9-47ad-ae88-dc570c248a68
  • WINDOWS-HOTFIX-MS09-044-259c6bb6-7344-45bb-878b-b93fb9bca5c4
  • WINDOWS-HOTFIX-MS09-044-3ac952ea-4d6a-4814-ab61-d8a81cbd8148
  • WINDOWS-HOTFIX-MS09-044-6718c27d-86db-428c-abf7-b1deb584250e
  • WINDOWS-HOTFIX-MS09-044-69504cb3-a60c-4d2d-a4ee-5306a477e5e6
  • WINDOWS-HOTFIX-MS09-044-76a6e83a-4c63-4a35-b73e-b503d5d76218
  • WINDOWS-HOTFIX-MS09-044-8eaac468-57b9-40dd-b50f-d3a292e05ab1
  • WINDOWS-HOTFIX-MS09-044-966fd806-bcaf-4311-aacd-166db47d169a
  • WINDOWS-HOTFIX-MS09-044-a29016f6-08d9-4f3b-b067-1a654a60b837
  • WINDOWS-HOTFIX-MS09-044-bc857118-8882-490a-8829-2542bec396fd
  • WINDOWS-HOTFIX-MS09-044-ccb18487-7d1d-431f-97c6-faf25e1ac4c2
  • WINDOWS-HOTFIX-MS09-044-d21a581c-fb52-45ed-8362-ffe44d89eeb0
  • WINDOWS-HOTFIX-MS09-044-d4550db4-4d0b-454a-b620-e557054726d7
  • WINDOWS-HOTFIX-MS09-044-d6f367db-659c-447c-9053-cbfa9a059625
  • WINDOWS-HOTFIX-MS09-044-dc622945-dc9b-4df0-b66b-58622d68c152
  • WINDOWS-HOTFIX-MS09-044-ee69b39f-4dee-4bd9-8ff2-d01b082e2c4a
  • WINDOWS-HOTFIX-MS09-044-f9080a2c-1d0e-464f-b9ad-cbd2c005bc26

References

  • WINDOWS-HOTFIX-MS09-044-2582caec-08a9-47ad-ae88-dc570c248a68
  • WINDOWS-HOTFIX-MS09-044-259c6bb6-7344-45bb-878b-b93fb9bca5c4
  • WINDOWS-HOTFIX-MS09-044-3ac952ea-4d6a-4814-ab61-d8a81cbd8148
  • WINDOWS-HOTFIX-MS09-044-6718c27d-86db-428c-abf7-b1deb584250e
  • WINDOWS-HOTFIX-MS09-044-69504cb3-a60c-4d2d-a4ee-5306a477e5e6
  • WINDOWS-HOTFIX-MS09-044-76a6e83a-4c63-4a35-b73e-b503d5d76218
  • WINDOWS-HOTFIX-MS09-044-8eaac468-57b9-40dd-b50f-d3a292e05ab1
  • WINDOWS-HOTFIX-MS09-044-966fd806-bcaf-4311-aacd-166db47d169a
  • WINDOWS-HOTFIX-MS09-044-a29016f6-08d9-4f3b-b067-1a654a60b837
  • WINDOWS-HOTFIX-MS09-044-bc857118-8882-490a-8829-2542bec396fd
  • WINDOWS-HOTFIX-MS09-044-ccb18487-7d1d-431f-97c6-faf25e1ac4c2
  • WINDOWS-HOTFIX-MS09-044-d21a581c-fb52-45ed-8362-ffe44d89eeb0
  • WINDOWS-HOTFIX-MS09-044-d4550db4-4d0b-454a-b620-e557054726d7
  • WINDOWS-HOTFIX-MS09-044-d6f367db-659c-447c-9053-cbfa9a059625
  • WINDOWS-HOTFIX-MS09-044-dc622945-dc9b-4df0-b66b-58622d68c152
  • WINDOWS-HOTFIX-MS09-044-ee69b39f-4dee-4bd9-8ff2-d01b082e2c4a
  • WINDOWS-HOTFIX-MS09-044-f9080a2c-1d0e-464f-b9ad-cbd2c005bc26

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;