Microsoft: RDP Vulnerability Should Be Patched Immediately 126
wiredmikey writes "Microsoft is urging organizations to apply the sole critical update in this month's Patch Tuesday release as soon as possible. The critical bulletin – one of six security bulletins issued as part of Tuesday's release – addresses two vulnerabilities in the Remote Desktop Protocol (RDP). Those IT admins who use RDP to manage their machines over the internet, which is essentially the default in cloud-based installations such as Amazon's AWS, need to patch as quickly as possible, said Qualys CTO Wolfgang Kandek. Besides the RDP bugs, this month's Patch Tuesday addressed five other vulnerabilities: two denial-of-service bugs and an escalation of privileges issue in Microsoft Windows; a remote code execution vulnerability in Microsoft Expression Design; and an escalation of privileges issue in Microsoft Visual Studio."
Re:Not worrying (Score:5, Informative)
It could happen to Linux as well. But it doesn't.
Linux does have comparable remote-access protocols to RDP, all of which have had plenty of remote exploits in past. For example have a look at CERT advisories on SSH [google.com] and X11 [google.com]. Don't even get me started on VNC, which is often not updated automatically because it's an installable add-on instead of a system component.
Re:Not worrying (Score:3, Informative)