If your internal workstations were compromised with a malware payload, and you allow RDP internally from your mgm’t VLAN you could perhaps get nailed.
-sc From: Richard Stovall [mailto:[email protected]] Sent: Friday, March 16, 2012 4:13 PM To: NT System Admin Issues Subject: Re: In case anyone didn't see this on the Patch Management list... This is the same RDP vulnerability that EZ (I think it was EZ) posted the other day, right? IIRC, you're not vulnerable unless you expose a server to RDP connections directly through your firewall. If you don't do that, then your risk is essentially nil since the it isn't exploitable through RD Gateway. Or am I not remembering correctly? On Fri, Mar 16, 2012 at 11:03 AM, Kurt Buff <[email protected]> wrote: Unfortunately, I can't move quite that fast. We're pretty much a 24x5 shop, with offices overseas, and I have to give more notice than "patching now, please log off". At least I have most weekends to do this kind of thing... Kurt On Fri, Mar 16, 2012 at 07:24, Kennedy, Jim <[email protected]> wrote: > I am all done! Neeener neener. :) > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Friday, March 16, 2012 10:24 AM > To: NT System Admin Issues > Subject: Re: In case anyone didn't see this on the Patch Management list... > > Yeah, I'm pushing this out as fast as I can - I'll be patching servers > tonight, and the rest of the workstations next week. > > On Fri, Mar 16, 2012 at 07:14, James Rankin <[email protected]> wrote: >> ...http://news.softpedia.com/news/Windows-RDP-Vulnerability-Exploit-Co >> de-Confirmed-259060.shtml >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
