Right off the back of our last blog post “How to Secure your Cloud Server”, the Go2Cloud GetHelp team flagged a potential security risk for all customers and partners using Remote Desktop Protocol (RDP) to access their Windows environments.

As mentioned in the previous post, security is not an issue that we take lightly and neither should you. Vigilance and action are the keys to ensuring that your environment remains secure.

Not all threats are as tame as Mike from Monsters Inc

We recommended that you always ensure that your OS and apps are up to date with the latest patches, bug fixes and enhancements. This tip turns out to be the exact action which would have mitigated the risks associated with the vulnerability.

Go2Cloud does not publicly share information about these potential risks until such time as the details have been shared with Customers and Partners, allowing sufficient time to update systems and reduce risk further. If you would like to receive these communications directly in the future, please email us (gethelp(at)go2cloud.co.za) and the team will send you a link to update your subscriptions. 

Details of the RDP vulnerability

Microsoft has recently announced a vulnerability in Remote Desktop Protocol (RDP) that affects all versions of Windows from XP through the latest pre-release of Windows 8, including all Windows Server products.

This bug allows a remote hacker to execute code on a system, essentially running any software they wish, without any intervention on the part of the user. Obviously, this is a critical vulnerability and should be addressed as soon as possible by all customers who are affected. 

Anyone who uses RDP to connect to their Windows machines is vulnerable to this attack unless they take steps to ensure they apply the update.

Microsoft has released Security Update MS12-020 which will patch this vulnerability. 

Official information may be found at Microsoft’s TechNet blog post on the issue here

If you can't patch your system at present for whatever reason, the blog post linked above offers several ways to mitigate the risk. If you fall into this category, you can also disable RDP entirely and install some other remote desktop application in place of RDP such as VNC.
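To check a host against the two conditions above (update applied, or RDP disabled), the following PowerShell is an added example, not Go2Cloud's or Microsoft's code. The KB list is a placeholder: fill it with the KB numbers the MS12-020 bulletin lists for your Windows version.

```powershell
# Added example: audit the local Windows host for RDP exposure to MS12-020.
# Assumption: 'KB0000000' is a placeholder, not a real KB number. Replace it
# with the KB IDs listed in the MS12-020 bulletin for this Windows version.
param(
    [string[]]$RequiredKbs = @('KB0000000')
)

function Test-RdpEnabled {
    # RDP accepts connections when fDenyTSConnections is 0.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $prop = Get-ItemProperty -Path $key -Name fDenyTSConnections -ErrorAction Stop
    return ($prop.fDenyTSConnections -eq 0)
}

function Get-MissingUpdate {
    param([string[]]$KbIds)
    # Get-HotFix reports updates by KB ID. Caveat: a later update that
    # supersedes the fix may not appear under the original KB ID, so treat
    # "missing" as "verify manually", not as proof the host is unpatched.
    $installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
    return @($KbIds | Where-Object { $installed -notcontains $_ })
}

$rdpEnabled = Test-RdpEnabled
$missing    = @(Get-MissingUpdate -KbIds $RequiredKbs)

if (-not $rdpEnabled) {
    $status = 'RDP disabled: host does not accept RDP connections'
} elseif ($missing.Count -eq 0) {
    $status = 'RDP enabled, required update(s) installed'
} else {
    $status = 'RDP enabled, update(s) not found: patch or disable RDP'
}

# New-Object is used instead of [pscustomobject] so this runs on PowerShell 2.0.
New-Object PSObject -Property @{
    Computer       = $env:COMPUTERNAME
    RdpEnabled     = $rdpEnabled
    MissingUpdates = ($missing -join ',')
    Status         = $status
}
```

Run it from an elevated prompt on each host, or collect the output objects centrally to build a list of machines that still need the update.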

Microsoft states, at time of writing, that this hasn’t been seen used as an exploit in the real world yet, but expect it to only be a matter of time. They have stated that they expect to see this vulnerability exploited within a matter of days. 

Go2Cloud has been advising all customers to treat this as a matter of urgency, both in your Cloud and On-Prem environments.

I hope this information was useful!

For future updates please ensure that you are subscribed to the mailing lists relevant to you, check back with our blog or follow us on Twitter @Go2Cloud  
