Microsoft regularly updated and fixes the security holes when they find any new vulnerabilities in Windows. Today, Microsoft posted in its Blog post, which noted that ”the update, MS12-020, should be downloaded and installed by Windows XP, Vista and 7 users right away”.
Security Update MS12-020 addresses two vulnerabilities in Microsoft’s implementation of the Remote Desktop Protocol (RDP). The exploit could allow any hackers to run malicious code on your Windows PC ” … if an attacker sends a sequence of specially crafted RDP packets to an affected system.”
RDP is commonly allowed through firewalls due to its utility. The service runs in kernel-mode as SYSTEM by default on nearly all platforms. The good news is that the Remote Desktop Protocol is disabled by default.
Microsoft is still recommending strongly that all Windows users grab and install the security update, saying:
Developing a working exploit will not be trivial – we would be surprised to see one developed in the next few days. However, we expect to see working exploit code developed within the next 30 days.
How ever, Microsoft urges all Windows users includes Windows XP,Vista and 7 to update this security fix using Windows update center.