Citrix has released yesterday a KB article stating the following regarding ICA and RDP connections failures after applying patch MS12-024.
When you apply Microsoft patch MS12-024 on a Windows Server 2003-based Terminal Server, Independent Computing Architecture (ICA) and Remote Desktop Protocol (RDP) connections fail.
This is a known issue with Microsoft Windows 2003.
Microsoft released a patch on April 10, 2012 to address a security vulnerability issue with the operating system potentially allowing a remote code execution.
To review the information refer to http://support.microsoft.com/kb/2653956.
If you install this patch, you might experience an issue that ICA and RDP connections terminate on the server.
To correct the issue you can install the Microsoft Hotfix 938759 available at http://support.microsoft.com/kb/958476.
You can read the complete article here.
Last Tuesday Microsoft has released a critical hotfix affecting Remote Desktop Services for versions of Windows commonly used as part XenDesktop and XenApp environments. Microsoft is strongly recommending that customers apply this immediately.
Click here for more information about this patch.
Citrix has tested this patch with XenApp and XenDesktop, and is listed in the Microsoft Security Patch Validation Report for March 2012.
Microsoft’s March 2012 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are Continue reading “MS12-020 and Citrix XenDesktop”
This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by modifying the way that the Remote Desktop Protocol processes packets in memory and the way that the RDP service processes packets. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Continue reading “MS12-020: Critical RDP security issue”