Friday, March 16, 2012
To protect against a recently published Microsoft Windows critical vulnerability that could allow hackers to gain full control over Windows systems via Remote Desktop, OIT has begun blocking access to that service from outside the university network.
Remote Desktop is most commonly used by individuals to log into office PCs from home or while traveling. Faculty and staff who wish to use Remote Desktop from off-campus should take the following steps:
Even if you do not use Remote Desktop, you still should run Windows Update and make sure it is configured to automatically download and install critical updates.
Microsoft has released a patch for this vulnerability, so your first step should be to run Windows Update and make sure that all critical updates have been installed.
After doing that, you should consider following the steps outlined below. These steps will not fix the underlying vulnerability. Only installing the patch will do that. Still, they do provide additional protection. Detailed explanations of each workaround can be found in Microsoft Bulletin MS12-020.