Microsoft Windows Remote Desktop Insecure Library Loading Vulnerability

Last Update Date: 9 Mar 2011 09:55 Release Date: 9 Mar 2011 6176 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A remote code execution vulnerability exists in the way that Windows Remote Desktop Client handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Impact

  • Remote Code Execution

System / Technologies affected

  • Remote Desktop Connection 5.2 Client
    • Windows XP Service Pack 3
  • Remote Desktop Connection 6.0 Client and Remote Desktop Connection 6.1 Client
    • Windows XP Service Pack 3
    • Windows XP Professional x64 Edition Service Pack 2
    • Windows Server 2003 Service Pack 2
    • Windows Server 2003 Service Pack 2
    • Windows Server 2003 x64 Edition Service Pack 2
    • Windows Vista Service Pack 1 and Windows Vista Service Pack 2
    • Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
    • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
    • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
    • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Remote Desktop Connection 7.0 Client
    • Windows XP Service Pack 3
    • Windows Vista Service Pack 1 and Windows Vista Service Pack 2
    • Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
    • Windows 7 for 32-bit Systems
    • Windows 7 for x64-based Systems
    • Windows Server 2008 R2 for x64-based Systems
    • Windows Server 2008 R2 for Itanium-based Systems

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Media Multiple Vulnerabilities

9 Mar 2011 6033 Views

Next

Microsoft Office Groove Insecure Library Loading Vulnerability

9 Mar 2011 6339 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY