Windows 2000 and XP systems running as terminal servers can be crashed by local users. This can be done via RDP (Remote Desktop Protocol) or Citrix ICA Clients.
A user needs to log in and open %SYSTEMROOT%\SYSTEM32\MSGINA.DLL with exclusive read access. Then the user should open a new connection to the server, the user will then get a warning dialog asking him to restart the system.
This only affect terminal server systems. Windows systems running as normal workstations and servers are not vulnerable.
Solution: It is possible to remove the permissions for "Power Users", "Users" and "Everyone", this however may give complications on XP systems. We recommend that you test this solution before applying it to production systems.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Microsoft Windows Terminal Server Denial of Service
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.