Recent MS RDP vulnerability?


1 comment

  • Avatar
    Jump Desktop Support

    Hi James,

    We've gone through the MS12-020 alert and we recommend customers do the following:

    1. We strongly recommend applying the MS12-020 patch immediately to all Windows systems. If possible, we recommend setting Window's auto updater to install future updates automatically. MS12-020 patches the vulnerability in question.

    2. Further more, we recommend Windows Vista and onwards users should make sure Windows' NLA mode is enabled. NLA mode mitigates the issue somewhat by only allowing authenticated users to initiate a connection to the server. This adds one layer of protection against future exploits as well. Jump has supported Window's NLA mode for nearly 9 months now. Jump's automatic setup client which installs on the PC has supported selecting NLA mode by default since version 3.0.7, released almost 9 months ago.

    To the best of our knowledge the above steps (specifically step #1) should be enough to mitigate the vulnerability. 

    Please let me know if you need more information.

    Comment actions Permalink

Please sign in to leave a comment.