CVE-2011-1968

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2

Description A denial of service issue exists due to improper processing of packets in memory by the Remote Desktop Protocol (RDP) implementation. This allows remote attackers to cause a system reboot by sending crafted RDP packets, triggering access to an object that was not properly initialized or has been deleted. This issue has been exploited in the wild.

Recommendations For Microsoft Windows XP versions SP2 through SP3, update to a version that includes the fix for this issue. For Microsoft Windows Server 2003 version SP2, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the RDP service until a patch is available.