OIT Tech 32px
Email upgrade: Hands on demo, April 25
Summer 2014 instructors: Upload 1st session course materials before May 7
Email upgrade: Improved web access
OHIO passwords to require secret questions
VoIP telephone upgrade: Site surveys and pilot under way
Email scams expected to rise: What you can do
Box cloud storage accounts now available
Email upgrade: larger quotas, better web access, easier calendaring
Exchange maintenance scheduled for 1:00 am - 3:30 am, April 12, 2014
IT Change Guide: Upgrades that will affect you
deco-circuit-banner

University takes steps to secure against Windows Remote Desktop critical vulnerability

Friday, March 16, 2012
Sean O'Malley  

To protect against a recently published Microsoft Windows critical vulnerability that could allow hackers to gain full control over Windows systems via Remote Desktop, OIT has begun blocking access to that service from outside the university network.

Remote Desktop is most commonly used by individuals to log into office PCs from home or while traveling. Faculty and staff who wish to use Remote Desktop from off-campus should take the following steps:

  1. Run Windows Update to ensure that all critical patches have been applied to your Windows computers.
  2. Contact the OIT Service Desk at 740-593-1222 or www.ohio.edu/oitech to submit a request for remote desktop access from off-campus.

Even if you do not use Remote Desktop, you still should run Windows Update and make sure it is configured to automatically download and install critical updates.

Additional steps to better secure your computer

Microsoft has released a patch for this vulnerability, so your first step should be to run Windows Update and make sure that all critical updates have been installed.  

After doing that, you should consider following the steps outlined below. These steps will not fix the underlying vulnerability. Only installing the patch will do that. Still, they do provide additional protection. Detailed explanations of each workaround can be found in Microsoft Bulletin MS12-020.

  1. Disable Remote Desktop - If you don't need this service, turn it off.
  2. Limit access to TCP Port 3389 via a firewall - When practical, configure your firewall to only allow incoming RDP requests from trusted locations.
  3. Enable Network Level Authentication on modern Windows systems -If you only use Windows Vista, Windows 7, Server 2008, or Server 2008 R2, then you can require a user to authenticate before they can start a remote desktop session.


Related Links

SANS raises Internet Threat Level to Yellow 
Microsoft Bulletin MS12-020