Computerworld News notes “Microsoft warns of remote access protocol flaw”: “Microsoft is warning users that a flaw in the software used to remotely access computers running the Windows OS could leave them vulnerable to a denial-of-service attack.”
This is the RDP flaw I blogged last week. Affected machines include Win2K as well. It appears that scanning for the affected port is on the increase, too, according to the Internet Storm Center. I’m advising clients to turn off port 3389 at the firewall, and only enable it (via ssh, for example) when needed.