Multiple vulnerabilities have been discovered in Microsoft’s Remote Desktop Protocol, which is used to power Terminal Services for Windows 2000 servers, as well as Windows XP Pro’s single-user remote desktop service. Version 5.0 of the RDP client is susceptible
to session monitoring and hijacking attacks in encrypted sessions. This means an attacker on the same network segment could view or even manipulate keystrokes sent over a terminal session. XP Pro, Win2k Server, Win2k Advanced Server, and .NET Standard Server Beta 3 are all affected, and the only workaround is to use Terminal Services Client 4.0.

The second security issue is a denial of service
condition in the code which negotiates client/server graphics capabilities at the start of an RDP connection. By sending a 32 byte malformed packet to a server, an attacker can force the system to crash and reboot. This only affects Windows XP Professional and the .NET Server Beta 3, and there is no workaround other than disabling the Remote Desktop service. Microsoft has been aware of both of these security holes since April, but has not released any patches for them.

(N-Stalker Security Force)