Information Services would like to make you aware of a critical security patch to address a MS Remote Desktop Protocol (RDP) vulnerability. This needs immediate attention.
It is important that you patch your machines immediately. Details on the vulnerability and methods to address patching can be found here: http://technet.microsoft.com/en-us/security/bulletin/ms12-020. Please be certain to address these updates immediately.
Although Information Services is not aware of any machines being compromised yet, this vulnerability is being closely monitored by IS. If it is determined that multiple servers and important services are compromised then the remote desktop function will be turned off and the campus will need to use a service called SSL-VPN to connect with the campus network. This service will provide a secure connection to the services located on campus, including remote desktop.
Instructions for the SSL-VPN service:
For Windows: http://infotech.wsu.edu/security/services/vpn.html
For Mac OSX: http://infotech.wsu.edu/security/services/sslVPN/sslVPN-OSX.html.
For questions contact Tom Ambrosi, senior director of networking and CISO, at 509-335-1642 or tambrosi@wsu.edu.