Well, that supposes someone doesn't bring an infected machine into the network, but other than that, yeah, I think you're right.
It's the infected laptops that worry me - we have a fair number of sales geeks, field service techs, executives, etc. who are out of the office for extended periods, and come in and attach (wired or wireless) to the network, and we don't have any NAC/NAP solution to mitigate any infections they might have picked up. On the plus side, they do all have VIPRE, which is set to contact GFI for updates if it can't contact our internal server. The risk of this one getting "wormified" is beyond what makes me comfortable, so patching as soon as allowable is where I'm headed - I've already patched a bunch of test machines, including some servers. Kurt On Fri, Mar 16, 2012 at 13:13, Richard Stovall <[email protected]> wrote: > This is the same RDP vulnerability that EZ (I think it was EZ) posted the > other day, right? > > IIRC, you're not vulnerable unless you expose a server to RDP connections > directly through your firewall. If you don't do that, then your risk is > essentially nil since the it isn't exploitable through RD Gateway. Or am I > not remembering correctly? > > > On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff <[email protected]> wrote: >> >> Unfortunately, I can't move quite that fast. We're pretty much a 24x5 >> shop, with offices overseas, and I have to give more notice than >> "patching now, please log off". At least I have most weekends to do >> this kind of thing... >> >> Kurt >> >> On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim >> <[email protected]> wrote: >> > I am all done! Neeener neener. :) >> > >> > -----Original Message----- >> > From: Kurt Buff [mailto:[email protected]] >> > Sent: Friday, March 16, 2012 10:24 AM >> > To: NT System Admin Issues >> > Subject: Re: In case anyone didn't see this on the Patch Management >> > list... >> > >> > Yeah, I'm pushing this out as fast as I can - I'll be patching servers >> > tonight, and the rest of the workstations next week. >> > >> > On Fri, Mar 16, 2012 at 07:14, James Rankin <[email protected]> >> > wrote: >> >> ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co >> >> de-Confirmed-259060.shtml >> >> >> > >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > >> > --- >> > To manage subscriptions click here: >> > http://lyris.sunbelt-software.com/read/my_forums/ >> > or send an email to [email protected] >> > with the body: unsubscribe ntsysadmin >> > >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > >> > --- >> > To manage subscriptions click here: >> > http://lyris.sunbelt-software.com/read/my_forums/ >> > or send an email to [email protected] >> > with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
