Remote Code Execution Vulnerabilities in Remote Desktop Connection - MS09-044ID: oval:org.secpod.oval:def:2642 | Date: (C)2011-10-31 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS09-044. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Remote Desktop Connection, which fails to processes specific parameters returned by the RDP server. Successful exploitation could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Remote Desktop Client |