Today could be the day malware artists figure out how to do remote code execution on many millions of PCs and servers running M$’s OS with RDP enabled. M$ has released a patch this patch Tuesday but who knows how many machines will be unpatched in the next few days?
see M$ MS-12-20
Need we say more about the foolishness of leaving your IT as a monoculture of M$’s stuff after decades of them demonstrating little or no concern for security?
UPDATE IT World has a thoughtful review of the situation. They believe M$ has underplayed the seriousness of the vulnerability by mentioning that RDP is not enabled by default in M$’s OS. Many organizations use RDP to control servers and in Wintel, servers control desktops…