Friday, July 15, 2005

Something is up with Windows Remote Desktop (maybe) 

Remote Desktop can work through the firewall, so it could be pretty dangerous if something were to go wrong with it.

Someone using an automatic tool that throws strange inputs into programs until they crash managed to make Windows crash.

Right now everything is rumors and speculation so I can't give any solid advice. But it looks like the Windows component that crashed is the one that makes Remote Desktop work. It also looks like the kind of crash that could signal the existence of a security hole.
UPDATE 7-16: eWeek magazine says Microsoft will patch the vulnerability
UPDATE 7-18: no more "maybe" about it, Computerworld says Microsoft confirms a Remote Desktop flaw and recommends disabling the service.

The facts should be in within a few days. Meantime, if you can disable Remote Desktop when you're not using it, that couldn't hurt.

If you mention this to your IT person, pass along the following frustratingly incomplete links:
Incomplete SecurityFocus vulnerability report
Speculation about where the problem is
Screen shot of the crash but it's still not clear whether someone can take over your machine.

# posted by Frederick @ 8:43 PM Email to a friend:
|

This page is powered by Blogger. Isn't yours?