It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
Windows flaw reaches beyond XP Windows flaw reaches beyond XP
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Windows flaw reaches beyond XP
Thread Tools
Old 19th July 2005, 00:05   #1
Sidney's Avatar
Join Date: Mar 2004
Posts: 15,738
Sidney Freshly Registered
Default Windows flaw reaches beyond XP

A security flaw that could let an attacker remotely crash computers running Windows exists in several versions of the operating system, not just Windows XP.

Windows 2000, Windows XP and Windows Server 2003 are vulnerable to a denial-of-service attack that exploits a problem in the Remote Desktop Protocol, Microsoft said in an advisory on Saturday.

RDP is a protocol that enables remote access to Windows systems. Because of a flaw in the way Windows handles remote desktop requests, an attacker could crash a PC by sending a malformed remote request, Microsoft said.

The advisory was released after the security researcher who discovered the flaw last week flagged Windows XP as vulnerable. Microsoft confirmed the issue on Friday and published the advisory over the weekend.

Microsoft said it is working on a patch, but noted that it is not aware of any attacks that try to exploit the vulnerability. However, security experts at The SANS Institute on Saturday did notice an increase in port scanning activity on the network port used by RDP. That could be a sign that hackers are trying to look for targets.

While most Windows versions ship with RDP services disabled, Remote Desktop is turned on out-of-the-box in Windows XP Media Center Edition. Only computers using services that have RDP enabled are vulnerable, Microsoft said in its advisory.

Services with RDP include Terminal Services in Windows 2000 and Windows Server 2003, and Remote Desktop Sharing and Remote Assistance in Windows XP.

Until a patch is available, Microsoft suggests users block TCP port 3389 (the port used by RDP) on their firewall, disable Terminal Services or Remote Desktop if not required, or secure remote desktop connections using either Internet Protocol Security or a virtual private network connection.

Opteron 165 (2) @2.85 1.42 vcore AMD Stock HSF + Chill Vent II
Sidney is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft warns of TLS/SSL flaw in Windows jmke WebNews 0 10th February 2010 13:28
175 Windows 7 Tweaks, Tips, and How-To Articles jmke WebNews 2 23rd October 2009 14:00
Microsoft Patch Tuesday: 5 Criticals, 2 Important, 1 Moderate Patch jmke WebNews 0 14th April 2009 18:47
Microsoft Security Bulletin Summary for September 2008 jmke WebNews 0 9th September 2008 19:20
Microsoft Security Bulletin Summary for August 2007 jmke WebNews 0 14th August 2007 22:21
IE flaw puts Windows XP SP2 at risk Sidney WebNews 3 6th February 2007 17:25
Cybercrooks add Windows flaw to arsenal jmke WebNews 0 2nd October 2006 10:08
Microsoft Security Bulletin Summary for June 2006 jmke WebNews 0 14th June 2006 20:51
Windows Firewall flaw may hide open ports Sidney WebNews 0 2nd September 2005 05:55
List of fixes included in Windows XP Service Pack 2 jmke WebNews 1 17th August 2004 15:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

All times are GMT +1. The time now is 09:30.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO