Rapid7 Vulnerability & Exploit Database

MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135)

Back to Search

MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
08/13/2012
Created
07/25/2018
Added
08/14/2012
Modified
01/11/2016

Description

This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

Solution(s)

  • WINDOWS-HOTFIX-MS12-053-b3a7222c-310e-44b5-9242-c2b378e76f26

References

  • WINDOWS-HOTFIX-MS12-053-b3a7222c-310e-44b5-9242-c2b378e76f26

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;