|
Microsoft Releases RDP Security Advisory
By David Utter
Expert Author
Article Date: 2005-07-18
Windows versions 2000, XP, and 2003 could be vulnerable to a Denial of Service condition via the Remote Desktop Protocol (RDP).
It would take a specially crafted message to accomplish the attack, but the only result would be a denial of service, causing the system to restart. Only Windows XP Media Center edition has RDP enabled by default.
To date, no attacks have been reported to Microsoft. The company advises that the presence of a firewall can mitigate the effect of an external attack. Users and administrators should ensure that Internet-connected systems have the minimum number of ports needed open.
Specifically, firewalls can be configured to block requests to TCP port 3389. Other workarounds listed by Microsoft include disabling Terminal Services or the Remote Desktop feature, or by implementing an IPSec policy or VPN connectivity.
Microsoft has not yet determined if an update will be released with its regular monthly update, or if it will provide one for RDP before the second Tuesday of August.
About the Author:
David Utter is a staff writer for WebProNews covering technology and business. Email him here.
|
|
