MS12-020 fixes 2 vulnerabilities generated on remote desktop protocol which could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.
Most of Windows OS were set RDP function as unavailable by default, however, it can be vulnerable on security threat. Therefore, we recommend install latest security patch from being infected by network worm.
MSRC (Microsoft Security Response Center) set the patch "Critical" when internet worm is available.
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows (including Windows Mobile), Linux, Unix, Mac OS X, Android, and other modern operating systems.
2. Attacking tools and code
About MS12-020(CVE-2012-0002) security hole, various PoC(Proof of Concept)s has been revealed in overseas countries including China.
Besides, MS12-020 PoC were leaked on purpose by Luigi Auriemma who officially reported this vulnerability.
In China, various attacking tools have been generated including IP/PORT scanning functions. If those files are spread as worm files, it can make additional damage cases.
INCA Internet response team is monitoring both CLI(Command Line Interface) based and GUI(Graphical User Interface) based attacking tools. Among those tools, we found some tools from China which can attack easily with just inputting target IP address.
Users won't be damaged by when malicious attacker just using tool, however, users need to maintain latest security update from being infected.
MS12-020 attacking tools from China are easy to handle to malicious attack. INCA Internet response team detected that this tool can terminate remote PCs which are vulnerable in RDP.
When remote desktop connection is available, we can use this tool by inputting IP address of target PC and clicking attack button. Remote PC will appear BSoD and be rebooted.
In this procedure, "shutdown event tracker" can appear and waiting booting procedure which needs to be clicking OK button. Sudden reboot can occur unexpected damages.
3. How to prevent
This vulnerability can be protected by MS12-020 security update. Therefore, Windows OS users need to maintain the latest security update.
On using computer, security update is not selectable but essential. To
use PC safely from security threats of these malicious attachments, we recommend
you download latest security updates and obey following "Security management
tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.
Security management
tips
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.
Bạn cần chuyển hàng từ thái lan về việt nam? Bạn đang tìm công ty hoặc nơi nhận nhập khẩu hàng thái lan. Nếu như vậy hãy liên hệ với chúng tôi. Chúng tôi chuyên nhận vận chuyển hàng từ nước ngoài về Việt Nam. Với các dịch vụ như đặt hàng quảng châu giá rẻ, mua hàng mỹ, nhập hàng từ trung quốc về việt nam, chuyển hàng trung quốc về việt nam ,... Với những dịch vụ đa dạng phong phú như dịch vụ mua hàng trung quốc chúng tôi sẽ giúp bạn dễ mua được món hàng bạn yêu thích. Bạn không cần phải tìm hướng dẫn cách mua hàng trên taobao nữa, chỉ việc liên hệ với chúng tôi.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteI think that you defiantly need to look here for some info on how to write amazing looking essay. Only the best students are looking for the stuff like this
ReplyDeleteKineMaster for ios
ReplyDeleteFree fire ios
KineMaster
garena Free fire
This comment has been removed by the author.
ReplyDeleteBạn có lô hàng cần vận chuyển hàng đi Hà Nội như ở https://nhathong.vn/pages/chuyen-hang-di-ha-noi mà chưa có xe tải nào chịu nhận ?
ReplyDeleteVậy hãy đến với Vận Tải Nhật Hồng tại https://nhathong.vn đây.
Bởi vì chúng tôi là chành xe tải đi Hà Nội tại https://nhathong.vn/blogs/ha-noi/chanh-xe-di-ha-noi nên có rất nhiều dòng xe tải phù hợp với lô hàng của bạn.
Vì thế, bạn hãy liên hệ với chúng tôi khi cần bạn nhé.
The article is very good, I love reading your article. It contains lots of useful information.
ReplyDeletefnaf world
Great Article
ReplyDeleteNetwork Security Projects for CSE
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
Wales publishers are offering optimized, Best Publication Services in UK to boost the researcher and research communities, by providing accelerated and efficient services to fasten the publishing process and to give more opportunities for research on different disciplines.Wales publication research conferences give the researchers an international platform to discuss their scientific research Open Access Publishing UK work and their edges.We are different from other conferences because the community's member organizes our conferences.
ReplyDelete