Windows Remote Desktop Exploit In the Wild 94
angry tapir writes "Luigi Auriemma, the researcher who discovered a recently patched critical vulnerability in Microsoft's Remote Desktop Protocol (RDP), published a proof-of-concept exploit for it after a separate working exploit, which he said possibly originated from Microsoft, was leaked online on Friday. Identified as CVE-2012-0002 and patched by Microsoft on Tuesday, the critical vulnerability can be exploited remotely to execute arbitrary code on systems that accept RDP connections."
Re:Did anyone think it was secure anyway? (Score:5, Interesting)
Doesn't everyone with a clue use it via a VPN anyway?
Most people don't have publicly available RDP open. But there are enough Windows machines out there that even if a small percentage have RDP exposed, and only a small percentage of them aren't patched... there is still a metric shitload of vulnerable hosts.
Dan Kaminsky has done some scanning and extrapolation [dankaminsky.com] to estimate that there are about 5 million RDP endpoints exposed
Re:Did anyone think it was secure anyway? (Score:5, Interesting)
Businesses yes for the most part, but Windows power users that would like a way to log in remotely - like Linux people ssh with X forwarding - often have RDC enabled and internet exposed. Plus if you can traverse the external firewall some other way, then launch RDC attacks on the computers that's a pretty big loophole too. Or if you're somehow on the inside already, in a big company that external wall is just a tiny bit of your defenses. Overall it's pretty critical.
Re:Did anyone think it was secure anyway? (Score:4, Interesting)