# Critical Vulnerability in RDP Could Allow Remote Code Execution



## joepie91 (Jul 14, 2015)

> This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with the Remote Desktop Protocol (RDP) server service enabled. By default, the RDP server service is not enabled on any Windows operating system. Systems that do not have the RDP server service enabled are not at risk.


Source: https://technet.microsoft.com/en-us/library/security/MS15-067


----------



## KuJoe (Jul 14, 2015)

I just logged into all of my VMs looking for an update and then realized it only affects 32bit versions.


----------



## joepie91 (Jul 14, 2015)

KuJoe said:


> I just logged into all of my VMs looking for an update and then realized it only affects 32bit versions.


It doesn't, unfortunately. The text is poorly worded. Look at the 'affected software' matrix below, and you'll see that x64 versions are also listed.


----------



## KuJoe (Jul 14, 2015)

joepie91 said:


> It doesn't, unfortunately. The text is poorly worded. Look at the 'affected software' matrix below, and you'll see that x64 versions are also listed.


Damn, I hope they push an update soon (I checked all of my VMs and home PCs about an hour ago and I didn't see anything for this KB).


----------



## KuJoe (Jul 14, 2015)

Bah! Of course, Microsoft has two different KBs to cover the same exploit.  

It looks like KB3067904 and KB3069762 are the same thing, hense why I can't find a patch for KB3067904.


----------



## TheLinuxBug (Jul 14, 2015)

Just finished updating about 35 servers.  Can't stand Windows Update, takes for EVER... feel like I wasted a whole afternoon.  Thanks Microsoft for the opportunity to spend a day remembering just how how much I hate your products.

Cheers!


----------



## HBAndrei (Jul 14, 2015)

So windows server 2008 R2 is not affected, strange...


----------



## HalfEatenPie (Jul 14, 2015)

Ugh first update attempt failed.  Second update attempt got it.

Rahhhh....  Windows Server 2012!  We are not friends!


----------



## HN-Matt (Jul 19, 2015)

> This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with the Remote Desktop Protocol (RDP) server service enabled.


I think with Windows at least everyone knows in advance that it's exploitable/exploited to hell. They may proceed or react with relative certainty and confidence in such knowledge. To the contrary, some Linux ideologies seem to come hand in hand with snobbish pretensions or quietist tendencies or 'security conscious' bravado suggesting this or that aspect isn't exploited to hell (or is less so, or is at least not immediately so, or is better at staying a step ahead of the game, etc.) which may serve to distract away from certain ultra-exploitative situations that may be more intensely or logistically damaging than what can be gleaned from the comically irrelevant Windows demographic. Depending on the observer, windows are architecturally instantiated to function as default honeypots for Peeping Toms both on and off the internet. Windows 'naturally' attract certain 21st C Peeping Toms (e.g. ridiculous spy agencies, patronizing Juridical moralisms, corporate dragnets, nude private militaries) who are, more than anything, both Very Rude and Very Easy To Reveal. Meanwhile, conceptually and technically superior non-Windows accumulate disastrously advanced layers of encryption and stealth through which Careerist Peeping Toms may move with greater freedom, allowing for their wretchedness to flourish insanely to _Peak Peeping Tom_ apogees when maybe it should have quietly relinquished itself long ago.


----------

