Hornbill Trust
Call Us: +44(0)208 582 8282

Social: Facebook, Google+

Mar 16 2012

Closing Windows RDP Vulnerability

On Tuesday 13 March 2012 we received an advisory from Microsoft regarding a vulnerability in Remote Desktop Protocol (RDP), alerting us to a bug that allows a remote hacker to execute code on a system, without any intervention on the part of the user. As some of our servers our windows based, we pounced on this notification and took immediate steps to close the vulnerability. We confirmed the patch provided by Microsoft had no impact on our staging servers, so it was good to go. We scheduled our systems to deploy the patch that very same day, notifying our customers of our intent.

We patched all affected servers on three continents within 24 hours of being alerted to the vulnerability. Some providers, not mentioning any names, took a little longer to respond. I couldn’t believe it when I found out that a provider had scheduled their patch deployment for Saturday….5 days after the patch was made available by Microsoft.

I can’t speak for other providers, but here at Hornbill we take security very seriously and will respond as rapidly as possible to close vulnerabilities.

We’ll see if we can beat 24 hours next time!! 🙂

For more information on the specific vulnerability, see:

https://blogs.technet.com/b/srd/archive/2012/03/13/cve-2012-0002-a-closer-look-at-ms12-020-s-critical-issue.aspx?Redirected=true

Accreditations

IS588876

Uptime SLA

99.5%

Uptime Target

99.95%

Platform Uptime Last Month
Platform Uptime This Month