Critical Vulnerability in RDP Could Allow Remote Code Execution

Discussion in 'The Pub (Off topic discussion)' started by joepie91, Jul 14, 2015.

  1. joepie91

    joepie91 New Member

    459
    328
    Jun 19, 2013
    Source: https://technet.microsoft.com/en-us/library/security/MS15-067
     
    Last edited by a moderator: Jul 14, 2015
    HalfEatenPie likes this.
  2. KuJoe

    KuJoe Well-Known Member Verified Provider

    1,761
    1,318
    May 17, 2013
    I just logged into all of my VMs looking for an update and then realized it only affects 32bit versions. :)
     
    eva2000 and HalfEatenPie like this.
  3. joepie91

    joepie91 New Member

    459
    328
    Jun 19, 2013
    It doesn't, unfortunately. The text is poorly worded. Look at the 'affected software' matrix below, and you'll see that x64 versions are also listed.
     
    Last edited by a moderator: Jul 14, 2015
  4. KuJoe

    KuJoe Well-Known Member Verified Provider

    1,761
    1,318
    May 17, 2013
    Damn, I hope they push an update soon (I checked all of my VMs and home PCs about an hour ago and I didn't see anything for this KB).
     
  5. KuJoe

    KuJoe Well-Known Member Verified Provider

    1,761
    1,318
    May 17, 2013
    Bah! Of course, Microsoft has two different KBs to cover the same exploit.  :rolleyes:

    It looks like KB3067904 and KB3069762 are the same thing, hense why I can't find a patch for KB3067904.
     
    Last edited by a moderator: Jul 14, 2015
    HalfEatenPie likes this.
  6. TheLinuxBug

    TheLinuxBug New Member

    402
    356
    May 15, 2013
    Just finished updating about 35 servers.  Can't stand Windows Update, takes for EVER... feel like I wasted a whole afternoon.  Thanks Microsoft for the opportunity to spend a day remembering just how how much I hate your products.

    Cheers!
     
    Last edited by a moderator: Jul 14, 2015
    HalfEatenPie likes this.
  7. HBAndrei

    HBAndrei Active Member Verified Provider

    160
    59
    May 1, 2014
    So windows server 2008 R2 is not affected, strange...
     
  8. HalfEatenPie

    HalfEatenPie The Irrational One Retired Staff

    2,890
    1,386
    Mar 25, 2013
    HalfEatenPie
    Ugh first update attempt failed.  Second update attempt got it.

    Rahhhh....  Windows Server 2012!  We are not friends!  
     
  9. HN-Matt

    HN-Matt New Member Verified Provider

    611
    170
    Dec 19, 2013
    I think with Windows at least everyone knows in advance that it's exploitable/exploited to hell. They may proceed or react with relative certainty and confidence in such knowledge. To the contrary, some Linux ideologies seem to come hand in hand with snobbish pretensions or quietist tendencies or 'security conscious' bravado suggesting this or that aspect isn't exploited to hell (or is less so, or is at least not immediately so, or is better at staying a step ahead of the game, etc.) which may serve to distract away from certain ultra-exploitative situations that may be more intensely or logistically damaging than what can be gleaned from the comically irrelevant Windows demographic. Depending on the observer, windows are architecturally instantiated to function as default honeypots for Peeping Toms both on and off the internet. Windows 'naturally' attract certain 21st C Peeping Toms (e.g. ridiculous spy agencies, patronizing Juridical moralisms, corporate dragnets, nude private militaries) who are, more than anything, both Very Rude and Very Easy To Reveal. Meanwhile, conceptually and technically superior non-Windows accumulate disastrously advanced layers of encryption and stealth through which Careerist Peeping Toms may move with greater freedom, allowing for their wretchedness to flourish insanely to Peak Peeping Tom apogees when maybe it should have quietly relinquished itself long ago.
     
    Last edited by a moderator: Jul 19, 2015