Microsoft has released software updates for Windows XP and 2003 to patch what it believes to be an easy-to-exploit vulnerability in Remote Desktop Services. The most troubling part of this vulnerability is that it can be exploited with no user interaction. If an attacker successfully exploited this vulnerability not only could they view, change, or steal data, they could also install harmful programs and even create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system’s Remote Desktop Service via RDP. Because of this, only systems accessible via Remote Desktop are vulnerable. 

If you have Windows XP or 2003 systems on your organization’s network, your organization is vulnerable to this attack.

Ross is the CISO at Symplexity. He has achieved CCIE Security and CISSP certifications, an MBA from the University of Notre Dame, and has 20 years of experience in the fields of computer and network security engineering and consulting. Ross provides virtual CISO services for our Symplexity Secure clients and helps them to identify information security risks and implement administrative, procedural, and technical controls to mitigate. He works effectively with both technical and managerial personnel and is a trusted resource for our clients.

Ready to take your technology to the next level?

Contact Us Now