- Quick specs
- Price: Free
- Operating system: Windows 2000
- Date added: October 30, 2002
- Total Downloads: 2,216
- Downloads last week: 1
- See full specifications
- Average user rating: Be the first to rate this product!
Publisher's description
From Microsoft :This patch eliminates two vulnerabilities affecting the implementation of the RDP protocol:
The first vulnerability involves the way in which session encryption is implemented in certain versions of RDP. All RDP implementations permit the data in an RDP session to be encrypted. However, in the versions of RDP that are included in Windows 2000 and Windows XP, the checksums for the plain-text session data are sent without themselves being encrypted. An attacker who can ""eavesdrop on"" and record an RDP session might be able to conduct a straightforward cryptanalytic attack against the checksums and to recover the session traffic.
The second vulnerability involves the way in which the RDP implementation in Windows XP handles data packets that are malformed in a particular way. When RDP receives such data packets, the Remote Desktop service stops working. When this problem occurs, Windows stops working correctly also. An attacker does not have to be authenticated on an affected computer to deliver packets of this type to an affected computer.
More popular Encryption Software downloads
- 52,623 downloads 1. RoboForm
- 27,875 downloads 2. Hotspot Shield
- 26,862 downloads 3. Computer Use Reporter
- 8,814 downloads 4. Easy File Encryption
- 8,095 downloads 5. Easy Private Disk
- See all Encryption Software downloads
User reviews
Write your own review Be the first one to review Windows 2000 RDP Protocol Security Vulnerability Patch MS02-051 and share your experience with the CNET community!
Submit your review
- See more CNET content tagged:
- Microsoft Corp.,
- Microsoft Windows,
- Microsoft Windows 2000,
- implementation,
- vulnerability
