Remote Desktop Protocol Vulnerability MS12-020
Originally Published: 2015-09-07
Article Number
Applies To
CVE Identifier(s)
Operating System
Alert Impact
Impacted - Apply Vendor Remedy
Alert Impact Explanation
Actually we have listed this patch in our monthly enVision OS Updates list when released on March 2012 and suggested customer to apply it:
RSA enVision OS Updates - Windows 2003 SP1/SP2 Enterprise 64-bit
https://knowledge.rsasecurity.com/scolcms/set.aspx?id=5353
https://knowledge.rsasecurity.com/docs/rsa_env/osupdates/2012/win2003-64/Mar2012-win2003-64.htm
https://knowledge.rsasecurity.com/docs/rsa_env/osupdates/2012/win2008-64/4.1SP1-Win2008-64bit.htm
Because this issue only impacts on windows system but not enVision appliances thus please take the suggestion in MSFT bulletin.
You can find the latest download link of that patch from link below , under section “Affected and Non-Affected Software”:
Microsoft Security Bulletin MS12-020 - Critical
http://technet.microsoft.com/en-us/security/bulletin/ms12-020
Meanwhile, because our envision windows installation image was created on 2011 and a lot of new patches for windows has been related monthly by MSFT since that thus we suggest customer to monitor our RSA OS Updates list over SCOL site and apply these listed patches which has been verified first by RSA in order to keep our server in protected and this operation has been included in envision administrator’s guide (see attachment ) and you can also find the full version from our SCOL site regarding other recommended operations:
https://knowledge.rsasecurity.com/docs/rsa_env/envision/41sp1/enVision_admin_guide.pdf
Notes
Windows Server 2003 x64 Edition Service Pack 2 (KB2621440)
http://www.microsoft.com/downloads/details.aspx?familyid=8081e67f-288c-4714-bff8-e0ff9777692f
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2621440 and KB2667402)
http://www.microsoft.com/downloads/details.aspx?familyid=40b62d08-d2a2-4900-b01c-46fc761973d0
http://www.microsoft.com/downloads/details.aspx?familyid=7ec21f41-1673-4592-b45c-6438ad57e08c
***Update package KB2621440 addresses CVE-2012-0002 and update package KB2667402 addresses CVE-2012-0152. While CVE-2012-0152 has a lower severity rating than KB2621440 on affected versions of Microsoft Windows, the aggregate severity rating is Critical based on CVE-2012-0002. Customers should apply all updates offered for the version of Microsoft Windows installed on their systems.
Disclaimer
Related Articles
How does Remote Desktop handle Smart card and NLA? Number of Views RSA SecurID prompt does not appear when connecting with Remote Desktop Protocol RDP on Microsoft Windows Server 2019 with … Number of Views Authentication Issues Using A Third-Party RDP Client And RSA Authentication Agent 7.3.3 for Windows Number of Views env: cluster setup Creating the cluster......System error 1326 has occurred (0x0000052e). Number of Views Microsoft Windows update MS16-101 breaks RDP from the RSA Authentication Agent 7.3.1 for Windows for all RSA challenged users Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
