RealTime IT News

Microsoft Reissues Patch

Microsoft Corp. Monday issued a revised patch for a flaw in the implementation of the Remote Data Protocol (RDP).

The flaw affected terminal service in Windows NT 4.0 Terminal Server Edition and Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server, opening the door for a potential denial of service on systems configured as terminal servers. Such systems are typically deployed as intranet servers.

Microsoft published a patch for the flaw on Thursday, Oct. 18, but pulled it on Friday after system administrators reported errors loading the patch onto their systems.

Microsoft has described the flaw as a moderate risk. It does not allow for system breaches. An attacker could cause a terminal server to fail -- causing work in progress to be lost -- but could not add, change or delete data on the server. Servers that fail as a result of exploiting the flaw can be rebooted without incident.

RDP is the protocol Windows terminal servers and clients use to communicate with each other. Clients use it to send keystroke and mouse-click information to the server, and the server uses it to send display information to clients. Microsoft said the flaw arises when a precise series of packets is sent to a specific port in a specific order that cannot be generated as part of a normal terminal server session.

Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server are all capable of being configured to provide terminal services, but terminal service is not installed or running by default in any of them.