The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer.
A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens a Remote Desktop (.rdp) configuration file located in the same network directory as a specially crafted DLL file.
Apply the update referenced in Microsoft Security Bulletin 11-017.
An SMB share which is readable by the target computer, and a user name and password with write access to that share, must be specified.
The target user must open the RDP file located on the specified share.