Microsoft Black Tuesday: Another Critical RDP Update

If you manage or run Microsoft products, it’s time to patch; especially if you use Remote Desktop and expose it outside your network.

Microsoft has posted their June security bulletin summary, which describes seven security bulletins fixing 27 vulnerabilities in many of their products, including:

  • Windows
  • Internet Explorer (IE)
  •  .NET Framework
  • Microsoft Lync (and Communicator 2007)
  • Microsoft Dynamics AX Enterprise Portal

They rate three of these bulletins as Critical, which typically means remote attackers can exploit them to gain control of affected computers.

The Remote Desktop Protocol (RDP) bulletin and Internet Explorer cumulative patch seem the most concerning to me. RDP is a very popular service, which some users and administrators enable externally. Today’s RDP update fixes a serious vulnerability that remote attackers could leverage to gain full control of your RDP servers. It’s similar in scope to another serious RDP flaw Microsoft fixed in March. If you manage RDP-enabled machines, I’d apply this update quickly.

The IE patch fixes 13 security flaws in the popular web browser. Many of the vulnerabilities allow for code execution, meaning attackers could exploit them to launch drive-by download attacks. Since almost all Microsoft users run IE, and attackers have increasingly leveraged web attacks to spread malware, I’d consider this the most important update, and apply it first. You can apply the other updates in the order suggested by Microsoft’s summary post.

I’ll share more details about these issues, and how to fix them, in consolidated LiveSecurity alerts I’ll post here shortly. Since I suspect only a few administrators use Lync and the Dynamic AX Enterprise Portal, I probably will only describe those updates in a short blog post, later. — Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

Trackbacks/Pingbacks

  1. Less Severe Flaws affect Two Lesser-known Microsoft Products | WatchGuard Security Center - June 12, 2012

    [...] with the other Patch Day bulletins, Microsoft released updates for two products which I suspect only limited audiences know about. [...]

  2. Microsoft Warns of Zeroday XML Core Services Vulnerability | WatchGuard Security Center - June 12, 2012

    [...] their already busy Patch Day, Microsoft snuck out a security advisory warning their customers that attackers are  exploiting a [...]

  3. WatchGuard Security Week in Review: Episode 22 | WatchGuard Security Center - June 15, 2012

    [...] June Patch Day summary [...]

  4. Microsoft Warns of Zeroday XML Core Services Vulnerability | Varanoid.comVaranoid.com - July 7, 2012

    [...] their already busy Patch Day, Microsoft snuck out a security advisory warning their customers that attackers are  exploiting a [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 7,561 other followers

%d bloggers like this: