 News Menu |
|
|
| Site Menu |
|
|
| Site Affiliates |
|
|
| Advertisements |
|
|
|
|
|
|
| |
Microsoft has issued a security advisory warning that XP users could be at risk from a DoS (define)due to a vulnerability in Remote Desktop Protocol (RDP).
The vulnerability was discovered by security researcher Tom Ferris of SP (security-protocols) Research Labs. In a post on the Security-Protocols site, "badpack3t" wrote that they notified Microsoft about the flaw in May and allegedly were told that a patch would be out for it by August. SP Research Labs did not disclose the details of how to exploit the flaw nor did they provide proof of concept code along with their website posting.
In the advisory, Microsoft said the vulnerability was responsibly reported to Microsoft originally, but the finder chose to publish the details of the vulnerability publicly before a fix was available.
The flaw, as described by SP Research, is a "remote kernel DoS flaw within Microsoft Windows XP SP2 fully patched, with the firewall on."
In its advisory Microsoft admitted that its own "initial" investigation showed that the DoS flaw could be triggered by an attacker using a specially crafted Remote Desktop Protocol(RDP) request. Microsoft noted that its investigation has shown that the vulnerability does not lead to a system takeover, only DoS.
Microsoft's RDP allows for the remote desktop management and is currently enabled by default on Windows XP Media Center Edition, and as an option on other versions of XP and Windows 2000 and Windows Server 2003.
Pending the completion of a full investigation Microsoft noted it would issue a patch if required during its monthly patch update or out of cycle if it was merited.
 News source: InternetNews
|
| There is 1 additional comment, Post a comment | View printable post | Open/Close All Comments |
| #1 Posted by Daniel at 16 Sep 2005 - 20:11 |
 |
|
Realy good site!
|
 Hidden |
|
|
 |
|
|
|
Recent 
Recent 
Announcement
