rdp vulnerability patches
platform\issue |
Patch avail |
NLA host |
NLA client |
2000 Professional |
n/a |
n/a |
no |
XP Professional SP3 |
yes |
no |
yes 50588 |
Vista Business SP2 |
yes |
built-in |
built-in |
Windows 7 Professional |
yes RTM/SP1 |
built-in |
built-in |
Server 2000 |
no |
no |
no |
Server 2003 SP2 |
yes |
no |
no |
Server 2003 R2 |
yes |
no |
no |
Server 2008 SP2 |
yes |
built-in |
built-in |
Server 2008 R2 SP1 |
yes |
built-in |
built-in |
Server 2003 can no longer access NLA-enabled RDP hosts
XP RDP host can't require NLA
W7 req 2x patches: 2621440, 2667402
http://technet.microsoft.com/en-us/security/bulletin/MS12-020
TN Blog
Subtle Patch Ramifications
Enabling NLA will prevent older clients (including Windows XP and
Windows Server 2003) from connecting, by default. NLA will not disrupt
remote desktop connections initiated by Windows Vista and later versions
of Windows because they support NLA by default. If you need to initiate
a remote desktop protocol connection to an NLA-enabled server from a
Windows XP client, you can install support for Credential Security
Support Provider (CredSSP) on each connecting Windows XP client.
Instructions for doing so can be found here:
kb/951608. You can
also use this one-click Fix it solution on Windows XP SP3 clients to
enable support for NLA:
Fix0It 50588 |