March 13 Microsoft announces security Bulletin ms12-020 serious vulnerability with patch download URL

Source: Internet
Author: User
Tags execution pack version versions knowledge base
Microsoft Security Bulletin MS12-020-Vulnerability in critical Remote Desktop could allow Remote Code Execution (2671387) This security update resolves two secret-reporting vulnerabilities in the Remote Desktop protocol. If an attacker sends a series of specially crafted RDP packets to the affected system, the more serious vulnerability in these vulnerabilities could allow remote code execution. By default, Remote Desktop Protocol (RDP) is not enabled by any Windows operating system. No RDP-enabled systems are not compromised.

Windows Server 2003 Security update ms12-020 (KB2621440) Chinese version of the patch download address:
http://www.microsoft.com/downloads/zh-cn/details.aspx?familyid=b69b4b9b-c0a1-4c1e-b081-8529eaf1536a

Windows Server 2003 Security update ms12-020 (KB2621440) English version of the patch download address:
http://www.microsoft.com/download/en/details.aspx?id=29134

======================================================

For all supported versions of Microsoft Windows, this security update is rated "critical." For more information, see the "affected and unaffected software " section in this section.

This security update resolves vulnerabilities by modifying the way in which the Remote Desktop protocol handles in-memory packets and how the RDP service handles the packets. For more information about these vulnerabilities, see the "Frequently Asked Questions (FAQ)" section of the following section, " Vulnerability Information ," for a specific vulnerability entry.

recommendations. most customers have Automatic Updates enabled and they do not have to take any action because the security update is automatically downloaded and installed. Customers who have not enabled Automatic Updates must check for updates and install the update manually. For information about specific configuration options in Automatic Updates, see Microsoft Knowledge Base article 294871.

For administrators, enterprise installations, or end users who want to manually install this security update, Microsoft recommends that customers use the update management software to apply this update immediately or check for updates using the Microsoft update service.

Affected and unaffected software

The following software has been tested to determine which version is affected. The support lifecycle for other versions has ended or is unaffected. To determine the technical support lifecycle for the software version, visit the Microsoft Technical Support lifecycle.

Affected Software

Operating System Maximum security Impact Comprehensive severity rating announcements for this update override
Windows XP Service Pack 3
(KB2621440)
Remote Code Execution Serious The KB2570222 in ms11-065 is replaced by KB2621440.
Windows XP Professional x64 Edition Service Pack 2
(KB2621440)
Remote Code Execution Serious The KB2570222 in ms11-065 is replaced by KB2621440.
Windows Server 2003 Service Pack 2
(KB2621440)
Remote Code Execution Serious The KB2570222 in ms11-065 is replaced by KB2621440.
Windows Server 2003 x64 Edition Service Pack 2
(KB2621440)
Remote Code Execution Serious The KB2570222 in ms11-065 is replaced by KB2621440.
Windows Server 2003 SP2 (for Itanium based systems)
(KB2621440)
Remote Code Execution Serious The KB2570222 in ms11-065 is replaced by KB2621440.
Windows Vista Service Pack 2
(KB2621440)
Remote Code Execution Serious No announcement replaced by KB2621440
Windows Vista x64 Edition Service Pack 2
(KB2621440)
Remote Code Execution Serious No announcement replaced by KB2621440
Windows Server 2008 (for 32-bit systems) Service Pack 2*
(KB2621440)
Remote Code Execution Serious No announcement replaced by KB2621440
Windows Server 2008 (for x64 based systems) Service Pack 2*
(KB2621440)
Remote Code Execution Serious No announcement replaced by KB2621440
Windows Server 2008 (for Itanium based systems) Service Pack 2
(KB2621440)
Remote Code Execution Serious No announcement replaced by KB2621440
Windows 7 (for 32-bit systems) and Windows 7 (for 32-bit systems) Service Pack 1
(KB2621440)

Windows 7 (for 32-bit systems) and Windows 7 (for 32-bit systems) Service Pack 1
(KB2667402)
Remote Code Execution Grave [1] No announcement replaced by KB2621440


No announcement replaced by KB2667402
Windows 7 (for x64 based systems) and Windows 7 (for x64 based systems) Service Pack 1
(KB2621440)

Windows 7 (for x64 based systems) and Windows 7 (for x64 based systems) Service Pack 1
(KB2667402)
Remote Code Execution Grave [1] No announcement replaced by KB2621440



No announcement replaced by KB2667402
Windows Server 2008 R2 (for x64 based systems) and Windows Server 2008 R2 (for x64 based systems) Service Pack 1*
(KB2621440)

Windows Server 2008 R2 (for x64 based systems) and Windows Server 2008 R2 (for x64 based systems) Service Pack 1*
(KB2667402)
Remote Code Execution Grave [1] No announcement replaced by KB2621440



No announcement replaced by KB2667402
Windows Server 2008 R2 (for Itanium based Systems) and Windows Server 2008 R2 (for Itanium based Systems) Service Pack 1
(KB2621440)

Windows Server 2008 R2 (for Itanium based Systems) and Windows Server 2008 R2 (for Itanium based Systems) Service Pack 1
(KB2667402)
Remote Code Execution Grave [1] No announcement replaced by KB2621440



No announcement replaced by KB2667402


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.