MS12-020 Proof-of-Concept in the Wild

Your browser is out of date.

You are currently using Internet Explorer 7/8/9, which is not supported by our site. For the best experience, please use one of the latest browsers.

Chrome
Firefox
Internet Explorer Edge
Safari

Back to Previous Blog MS12-020 Proof-of-Concept in the Wild

Mar 19, 2012 | Brett Edgar

Well, that didn't take long. As of Thursday, an MS12-020 PoC (the Remote Desktop Protocol vulnerability) is in the wild. Looks like one of Microsoft's MAPP partners leaked some test code. This PoC code only causes a Blue-Screen-of-Death, so the damage is limited to a denial-of-service. It won't be long until the bad guys figure out which values they need to modify to achieve remote code execution. When that happens and you still have RDP open to the Internet and unpatched, you lose. I suspect we'll see a worm exploiting this within a week. This could end up being a SQL Slammer-type event...

Ask A Question

$(document).ready(function(){ $("#incomingLink").val(document.referrer); });

MS12-020 Proof-of-Concept in the Wild Cerberus Sentinel Blog