PC Tools - Essential tools for your PC

Cryptographic Flaw in Remote Desktop Protocol

Two security vulnerabilities exist in the Remote Desktop Protocol (RDP), which is used by Windows NT and 2000 Terminal Services and by Windows XP for Remote Desktop access.

Issue

Windows-based computers use Remote Desktop Protocol (RDP) to provide remote terminal sessions to clients. The protocol transmits information about a terminal session's keyboard, mouse, and video to the remote client. This protocol is used by Terminal Services in Microsoft Windows NT 4.0 and Windows 2000, and by Remote Desktop in Windows XP. Two security vulnerabilities, both of which are corrected by the patch that is described in this article, have been discovered in various RDP implementations.

The first vulnerability involves the way in which session encryption is implemented in certain versions of RDP. All RDP implementations permit the data in an RDP session to be encrypted. However, in the versions of RDP that are included in Windows 2000 and Windows XP, the checksums for the plain-text session data are sent without themselves being encrypted. An attacker who can "eavesdrop on" and record an RDP session might be able to conduct a straightforward cryptanalytic attack against the checksums and to recover the session traffic.
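The exposure described above can be reproduced in miniature. The following is an added example, not code from Microsoft or from the original advisory; it shows that a cleartext checksum computed over the plaintext repeats whenever the plaintext repeats, even though the ciphertext differs, and that a tag computed over a counter plus the ciphertext does not. The SHA-256 keystream, the HMAC-SHA256 tag, the keys and the input events are constructed stand-ins, not RDP's actual algorithms or wire format, and the hardened layout is one common remedy, not a description of the patch.

```python
import hashlib
import hmac

ENC_KEY = b"constructed-enc-key"   # constructed sample key
MAC_KEY = b"constructed-mac-key"   # constructed sample key
# Constructed input events; the same event occurs three times.
EVENTS = [b"key:a", b"key:b", b"key:a", b"key:a"]


def keystream_xor(key: bytes, counter: int, data: bytes) -> bytes:
    """Toy stream cipher (stand-in): XOR data (<= 32 bytes) with SHA-256(key || counter)."""
    stream = hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def send_weak(counter: int, plaintext: bytes):
    """Flawed layout: the tag covers only the plaintext and travels in the clear."""
    tag = hmac.new(MAC_KEY, plaintext, hashlib.sha256).digest()[:8]
    return tag, keystream_xor(ENC_KEY, counter, plaintext)


def send_hardened(counter: int, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the packet counter and the ciphertext."""
    ciphertext = keystream_xor(ENC_KEY, counter, plaintext)
    msg = counter.to_bytes(8, "big") + ciphertext
    return hmac.new(MAC_KEY, msg, hashlib.sha256).digest()[:8], ciphertext


def run(sender):
    """Send every sample event with an incrementing packet counter."""
    return [sender(i, event) for i, event in enumerate(EVENTS)]


def repeated_tags(packets) -> int:
    """Count packets whose cleartext tag was already seen earlier in the capture."""
    seen, repeats = set(), 0
    for tag, _ciphertext in packets:
        repeats += tag in seen
        seen.add(tag)
    return repeats


if __name__ == "__main__":
    for name, sender in (("weak", send_weak), ("hardened", send_hardened)):
        packets = run(sender)
        unique_ct = len({ct for _, ct in packets})
        print(f"{name}: unique ciphertexts={unique_ct}, repeated tags={repeated_tags(packets)}")
```

In the weak layout every ciphertext is different, yet the tag column alone shows which packets carry the same input; that repetition is the material a recorded session exposes.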

The second vulnerability involves the way in which the RDP implementation in Windows XP handles data packets that are malformed in a particular way. When RDP receives such data packets, the Remote Desktop service stops working. When this problem occurs, Windows also stops working correctly. An attacker does not have to be authenticated on an affected computer to deliver packets of this type to it.

Affected Products

  • Microsoft Windows 2000
  • Microsoft Windows XP

Download

Software patches are available from the following locations:

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: September 18, 2002
