CVE-2012-0173

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1

Description A remote code execution issue exists due to improper processing of packets in memory by the Remote Desktop Protocol (RDP) implementation. This allows remote attackers to execute arbitrary code by sending crafted RDP packets, which can trigger access to an object that was not properly initialized or has been deleted. An attacker who successfully exploits this issue could run arbitrary code on the target system, potentially installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights.

Recommendations For Microsoft Windows XP versions SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 version SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista version SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 versions Gold and SP1, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the RDP service until a patch is available.