Message Detail


To: Faculty and Staff
From: Richard Mikelinich, Chief Info Security Officer
Summary: Remote Desktop Protocol (RDP) blocked
Date: 17-MAR-2012 08:34:00 AM Message ID: 76367

Dear Faculty and Staff,

If you remotely access your computer through Microsoft Windows Remote Desktop (RDP) then please read this message.  If you do not use Remote Desktop, then no action is required.

IMPACT:  The RDP service now requires use of Yale's Virtual Private Network (VPN). To continue to access the Remote Desktop Service use VPN through https://access.yale.edu.   Home users and those who have computers and servers that are not being managed by ITS, should run the Windows Update program immediately. 
 
The Yale Information Security Office has received verified reports that a new active exploit for the Microsoft Windows Remote Desktop (RDP) is being used to compromise Microsoft Windows computers on the internet. We consider this exploit to be a very serious threat to the Yale computing environment, as those making the attack do not need to use authentication (NetID and password) to compromise a Yale University computer running the RDP service.  Because the exploit does not need authentication it can lead to a rapidly spreading computer worm, which could compromise 1000s of computers at Yale in a relatively short period of time.

We will post updates on the Yale Status page http://www.yale.edu/its/status throughout this process.
 
We apologize if this causes any inconvenience and have staff on-call throughout the weekend in the event you have any questions. Please contact the ITS Help Desk at 203-432-9000.
 
Regards,
Rich Mikelinich, CISO

Read more about the technical details on RDP-CVE-2012-0002