Cryptographic Flaw In RDP Protocol Can Lead To Information Disclosure (Q324380)

Published by

Who should read this bulletin: System administrators who operate terminal servers using Microsoft® Windows® 2000, or Windows XP users who have enabled Remote Desktop. Fixed with XP SP1. Others please download to secure your system.

The Remote Data Protocol (RDP) provides the means by which Windows systems can provide remote terminal sessions to clients. The protocol transmits information regarding a terminal sessions' keyboard, mouse and video to the remote client, and is used by Terminal Services in Windows NT 4.0 and Windows 2000, and by Remote Desktop in Windows XP. Two security vulnerabilities, both of which are eliminated by this patch, have been discovered in various RDP implementations. Download Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)