Archive
Vulnerability in Remote Desktop Client – #RDS
Microsoft Security Bulletin MS13-029 – Critical
Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
Published: Tuesday, April 09, 2013 | Updated: Wednesday, April 10, 2013
Version: 1.1
This security update resolves a privately reported vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Remote Desktop Connection 6.1 Client, Remote Desktop Connection 7.0 Client, and Remote Desktop Connection 7.1 Client where affected on Windows XP, Windows Vista, and Windows 7. It is rated Moderate for Remote Desktop Connection 6.1 Client, Remote Desktop Connection 7.0 Client, and Remote Desktop 7.1 Client where affected on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by modifying the way that Remote Desktop Client handles objects in memory. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation. Most customers have automatic updating enabled…
Continue reading here!
//Richard
Lync 2013 client preview for VDI/Hosted Virtual Desktop environments
This is an update in the right direction for getting all Lync features to work in a hosted environment! But where are we on this topic of getting the collaboration features etc. to our end-users in a good way to the “Any Device” and “Anywhere” or BYOD if that’s what you wanna call it?
Before there has been a lot of issues with running Lync and what’s supported feature-wise depending on where you ran Lync, what protocol you where accessing it over and how Lync was presented (either as published desktop or as a published app). And this had it’s challenges for companies that for instance wanted to go to a BYOD model where the end-point device the user was sitting on wsn’t managed and didn’t allowed Lync to be installed and where those users then were relying on their XenApp or XenDesktop environment. And then there are features that aren’t supported or let’s say; didn’t work that well and really loaded the host server.
The table below is from a great Microsoft blog post by Jesper Osgaard where he compares the features of Lync in a virtualized environment;
What did Citrix do about it? Well first they released the HDX Realtime Optimization Pack for Microsoft Lync to address these issues and to ensure improved Lync functionality. And I must give Citrix credit for adding support for Linux directly!
The IT Melting Pot! 