Working exploit for MS12-020 RDP flaw found
Posted on 16 March 2012.
The vulnerability in Microsoft's Remote Desktop Protocol (RDP) implementation (MS12-020) - a patch for which has been released by during the last Patch Tuesday - has been deemed critical enough to warrant a an immediate implementation of the patch, as it was expected that an exploit for the vulnerability would pop up in the wild in fewer than 30 days.

But, as it turns out, it took only one.


According to Threatpost, a working exploit has surfaced on a Chinese download site and researchers who have analyzed it have confirmed that it triggers a blue-screen-of-death scenario on computers running Windows 7 and a DoS condition on those with Windows XP.

The speed with which a working exploit has found its way to the public has probably surprised a lot of people, but there seems to be a good explanation for it: the exploit code found on the Chinese site contains the exact packet that Luigi Auriemma - a well-known researcher that first spotted the flaw in question - sent to TippingPoint's Zero Day Initiative along with details about the vulnerability.

The packet and the advisory were after that forwarded to Microsoft, and have ultimately been shared by the company with the members of its Microsoft Active Protection Program (MAPP) - a circle of vetted security companies that receive the information before Patch Tuesday so that they implement defenses against the exploits in their offerings.

It is still unknown who leaked the information and why, but Auriemma seems entirely positive that it's his PoC code, so he published it and the corresponding advisory on his page.






Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //