1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Microsoft RDP CVE-2012-0002 2

Attack: Microsoft RDP CVE-2012-0002 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Microsoft RDP.

Additional Information

This vulnerability in Microsoft RDP allows the hackers to execute code on the machine with Network or System privileges.

Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. This issue occurs because the application accesses an object in memory that has been improperly initialized or has been deleted. Attackers can exploit this issue by sending a sequence of specially crafted RDP (Remote Desktop Protocol) packets to an affected computer.

Successful exploits will allow the attacker to execute arbitrary code in the context of the affected process. This may facilitate a complete system compromise. Failed attacks may cause denial-of-service conditions.

Affected

  • Microsoft Windows running Remote Desktop Protocol (RDP)
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube