Security 10808 Published by

Threatpost takes another look at the MS12-020 RDP Code Leak



Microsoft has a big, ugly problem on its hands. The company is caught in the middle of what's rapidly become a major controversy centered on the leak of proof-of-concept exploit code for the MS12-020 RDP vulnerability. Many researchers, including the one who first discovered the bug and reported it to Microsoft through the Zero Day Initiative, believe that the software giant has a leak, either within its own walls in Redmond, or somewhere in its MAPP information-sharing program.

There are a number of possible explanations for the appearance of the exploit code on a Chinese download site. As odd as it may sound, the absolute best-case scenario for Microsoft is that the code was inadvertently leaked by one of the members of the MAPP (Microsoft Active Protections Program) community. If that's the case, then it simply means that one (or possibly more) of the MAPP partners was careless with the information Microsoft shared with them and the code somehow got into the wrong hands. That's not good, but it's not fatal.
  MS12-020 RDP Code Leak Mystery Deepens As Microsoft Remains Silent