Microsoft RDP Vulnerability (MS12-020) Scanner

Details
Asset Type: DOMAIN, IP

Need Membership: Yes

Asset Verify: Yes

API Support: Yes

Estimated Time (Seconds): 15

Microsoft RDP Vulnerability (MS12-020) Scanner Detail

Use this tool to scan your machine for the MS12-020 RDP vulnerability.

Checks if a machine is vulnerable to MS12-020 RDP vulnerability.

The Microsoft bulletin MS12-020 patches two vulnerabilities: CVE-2012-0152, a denial of service vulnerability inside Terminal Server, and CVE-2012-0002, a vulnerability in Remote Desktop Protocol. Both are part of Remote Desktop Services.

The script works by checking for the CVE-2012-0152 vulnerability. If this vulnerability is not patched, it is assumed that CVE-2012-0002 is not patched either. This script can do its check without crashing the target.

The check works as follows:

  • Send one user request. The server replies with a user id (call it A) and a channel for that user.
  • Send another user request. The server replies with another user id (call it B) and another channel.
  • Send a channel join request with requesting user set to A and requesting channel set to B. If the server replies with a success message, we conclude that the server is vulnerable.
  • In case the server is vulnerable, send a channel join request with the requesting user set to B and requesting channel set to B to prevent the chance of a crash.
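
The four steps above, modelled offline as an added Python example (not the scanner's own code, and it sends no RDP traffic). ToyMcsServer, check_ms12_020 and the result strings are hypothetical names; the server behaviour, including a user's channel sharing the user's id and a patched server rejecting the cross-user join, is a simplified assumption.

```python
from dataclasses import dataclass, field

SUCCESS, REJECTED = "success", "rejected"   # simplified result codes (assumption)

@dataclass
class ToyMcsServer:
    """Constructed stand-in for the server side; not real RDP code."""
    patched: bool
    next_id: int = 1001                          # constructed starting user id
    joined: dict = field(default_factory=dict)   # channel id -> set of user ids

    def attach_user(self) -> int:
        """User request: allocate a user id; the user's channel shares that id."""
        uid = self.next_id
        self.next_id += 1
        self.joined[uid] = set()
        return uid

    def channel_join(self, initiator: int, channel: int) -> str:
        """Channel join request from `initiator` for `channel`."""
        if channel not in self.joined or initiator not in self.joined:
            return REJECTED
        # Modelled fix (assumption): only the owner may join a user channel.
        if self.patched and initiator != channel:
            return REJECTED
        self.joined[channel].add(initiator)
        return SUCCESS

def check_ms12_020(server: ToyMcsServer) -> dict:
    """Run the four steps from the list above and report the verdict."""
    user_a = server.attach_user()                   # step 1: user id A
    user_b = server.attach_user()                   # step 2: user id B
    cross = server.channel_join(user_a, user_b)     # step 3: A requests channel B
    vulnerable = cross == SUCCESS
    cleanup = None
    if vulnerable:                                  # step 4: B joins channel B
        cleanup = server.channel_join(user_b, user_b)
    return {"vulnerable": vulnerable, "cross_join": cross, "cleanup": cleanup,
            "channel_b_members": sorted(server.joined[user_b])}

if __name__ == "__main__":
    for patched in (False, True):
        label = "patched" if patched else "unpatched"
        print(label, check_ms12_020(ToyMcsServer(patched)))
```

The verdict depends only on the reply to the step 3 join, so a server that rejects that request is reported as not vulnerable and step 4 is never sent.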

Some Advice for Common Problems

The majority of Microsoft customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Microsoft customers who have not enabled automatic updating need to check for updates and install this update manually.

See the Microsoft page for more.
