MS11-065 MS11-065 - Important : Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222) - Version: 1.0
Version2011-08-09
Severity Rating: Important
Revision Note: V1.0 (August 9, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow denial of service if an affected system received a sequence of specially crafted RDP packets. Microsoft has also received reports of limited, targeted attacks attempting to exploit this vulnerability. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability."
Max CVSS
7.1
EPSS Score
95.94%
Published
2011-08-10
Updated
2019-02-26