07.213.2012 - MS12-020 - Critical : Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) - Version: 2.1

Severity Rating: Critical Revision Note: V2.1 (July 31, 2012): Bulletin revised to announce a detection change in the Windows Vista packages for KB2621440 to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. - View Microsoft Security Bulletin MS12-020 - View Microsoft Knowledge Base Article - on: 2. - Visit Microsoft Corporation