Ohio University

University takes steps to secure against Windows Remote Desktop critical vulnerability

Friday, March 16, 2012
Sean O'Malley  

To protect against a recently published Microsoft Windows critical vulnerability that could allow hackers to gain full control over Windows systems via Remote Desktop, OIT has begun blocking access to that service from outside the university network.

Remote Desktop is most commonly used by individuals to log into office PCs from home or while traveling. Faculty and staff who wish to use Remote Desktop from off-campus should take the following steps:

1. Run Windows Update to ensure that all critical patches have been applied to your Windows computers.
2. Contact the OIT Service Desk at 740-593-1222 or www.ohio.edu/oitech to submit a request for remote desktop access from off-campus.
   

Even if you do not use Remote Desktop, you still should run Windows Update and make sure it is configured to automatically download and install critical updates.

Additional steps to better secure your computer

Microsoft has released a patch for this vulnerability, so your first step should be to run Windows Update and make sure that all critical updates have been installed.  

After doing that, you should consider following the steps outlined below. These steps will not fix the underlying vulnerability. Only installing the patch will do that. Still, they do provide additional protection. Detailed explanations of each workaround can be found in Microsoft Bulletin MS12-020.

1. Disable Remote Desktop - If you don't need this service, turn it off.
   
2. Limit access to TCP Port 3389 via a firewall - When practical, configure your firewall to only allow incoming RDP requests from trusted locations.
   
3. Enable Network Level Authentication on modern Windows systems -If you only use Windows Vista, Windows 7, Server 2008, or Server 2008 R2, then you can require a user to authenticate before they can start a remote desktop session.