Remote Desktop Protocol Vulnerability MS12-020
Originally Published: 2015-09-07
Article Number
Applies To
CVE Identifier(s)
Operating System
Alert Impact
Impacted - Apply Vendor Remedy
Alert Impact Explanation
Actually we have listed this patch in our monthly enVision OS Updates list when released on March 2012 and suggested customer to apply it:
RSA enVision OS Updates - Windows 2003 SP1/SP2 Enterprise 64-bit
https://knowledge.rsasecurity.com/scolcms/set.aspx?id=5353
https://knowledge.rsasecurity.com/docs/rsa_env/osupdates/2012/win2003-64/Mar2012-win2003-64.htm
https://knowledge.rsasecurity.com/docs/rsa_env/osupdates/2012/win2008-64/4.1SP1-Win2008-64bit.htm
Because this issue only impacts on windows system but not enVision appliances thus please take the suggestion in MSFT bulletin.
You can find the latest download link of that patch from link below , under section “Affected and Non-Affected Software”:
Microsoft Security Bulletin MS12-020 - Critical
http://technet.microsoft.com/en-us/security/bulletin/ms12-020
Meanwhile, because our envision windows installation image was created on 2011 and a lot of new patches for windows has been related monthly by MSFT since that thus we suggest customer to monitor our RSA OS Updates list over SCOL site and apply these listed patches which has been verified first by RSA in order to keep our server in protected and this operation has been included in envision administrator’s guide (see attachment ) and you can also find the full version from our SCOL site regarding other recommended operations:
https://knowledge.rsasecurity.com/docs/rsa_env/envision/41sp1/enVision_admin_guide.pdf
Notes
Windows Server 2003 x64 Edition Service Pack 2 (KB2621440)
http://www.microsoft.com/downloads/details.aspx?familyid=8081e67f-288c-4714-bff8-e0ff9777692f
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2621440 and KB2667402)
http://www.microsoft.com/downloads/details.aspx?familyid=40b62d08-d2a2-4900-b01c-46fc761973d0
http://www.microsoft.com/downloads/details.aspx?familyid=7ec21f41-1673-4592-b45c-6438ad57e08c
***Update package KB2621440 addresses CVE-2012-0002 and update package KB2667402 addresses CVE-2012-0152. While CVE-2012-0152 has a lower severity rating than KB2621440 on affected versions of Microsoft Windows, the aggregate severity rating is Critical based on CVE-2012-0002. Customers should apply all updates offered for the version of Microsoft Windows installed on their systems.
Disclaimer
Related Articles
How does Remote Desktop handle Smart card and NLA? Number of Views RSA SecurID prompt does not appear when connecting with Remote Desktop Protocol RDP on Microsoft Windows Server 2019 with … Number of Views Authentication Issues Using A Third-Party RDP Client And RSA Authentication Agent 7.3.3 for Windows Number of Views Increasing the number of connections from RSA Authentication Agent 7.3.x for Windows to a Windows platform with RDP Number of Views How to remove RSA ACE/Server node secret when RADIUS is in use and no RSA ACE/Agent is installed Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
