Microsoft Windows Terminal Server Patch Unspecified Denial Of Service Vulnerability

2004-05-11T00:00:00
ID SMNTC-10325
Type symantec
Reporter Symantec Security Response
Modified 2004-05-11T00:00:00

Description

Description

The Terminal Server patch issued in Microsoft advisory MS01-052 has been found to be prone to an unspecified denial of service vulnerability. The affected patch was originally issued to deal with the issue outlined in the Microsoft Windows 2000/NT Terminal Server Service RDP DoS Vulnerability (BID 3445). This issue could be leveraged to cause the affected server to stop responding, denying service to legitimate users.

Technologies Affected

  • Microsoft Q307454
  • Microsoft Q307454 NT

Recommendations

Block external access at the network boundary, unless external parties require service.
If the system is not required to be globally accessible, it is advised that access to it be restricted to only trusted hosts and networks.

Microsoft has issued a patch dealing with this issue. Please see the referenced vendor web advisory for more information and details on obtaining fixes.