Microsoft announced the a vulnerability in some of their products in the Remote Desktop Services (RDS). The vulnerability comes in Windows 2000, 2003, and XP. The RDS is only enabled on the Windows XP Media Center Edition but it’s present in the all the other versions.
The vulnerability takes the form of denial service that could allow an attacker to send a crafted Remote Desktop Protocol (RDP) request to a system. Microsoft determined that hackers couldn’t take control of one’s system, they’d just annoy the devil out of you. The most that could happen would be that the hackers could force your system to reboot.
Tom Ferris over at Security Protocols discovered the problem back in early May. He advised Microsoft of the vulnerability and their procedure is to test it out thorougly. Then they issue an alert.
RDP allows users to access Windows remotely but because of the way Windows runs the remote desktop, an attacker could punch through and pop your computer a black eye.
Not to worry too much though because it would only work in very specific circumstances though. First, it would have to be enabled, which it’s not unless you have the XP Media Center Edition. Then the port would have to be accessible for folks who also want to crash your computer for some reason. Finally, if you have up a firewall, then this isn’t even going to be an issue really because in most cases, firewalls will block it completely.
Microsoft is working on a patch but in the meantime, they recommend blocking TCP port 3389 on their firewall, disable terminal services or the remote desktop feature, secure remote desktop connections by using IPsec policy and by employing a virtual private network connection.