Microsoft’s Windows Remote Desktop Protocol (RDP) is a tool that lets users remotely access a PC or server. RDP is frequently used by off-site users and IT support organizations to remotely manage servers
Yesterday Microsoft released a security patch to address weaknesses in their RDP application. According to Microsoft the critical vulnerability, CVE-2012-0002, could be exploited by an attacker who simply sends specially-crafted data packets to a system with RDP enabled.
Microsoft has tagged this with an exploitability index rating of “1,” meaning it expects exploits to appear within 30 days, and ranking the update as the one to patch before all others.
Once these exploits are developed we can expect widespread attacks where hackers use search engines and port sniffing to find as many RDP-enabled machines as possible.
What should you do about this? If you are currently using RDP, apply the patch. If you are using an outside IT support organization, find out if they are using RDP to administer your server. If they are, have them apply the patch.