“The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements.”
Workarounds detailed in Microsoft Security Bulletin MS12-020 can be applied for now.
- Leak outs Microsoft RDP vulnerability exploit (kevww.wordpress.com)
- Does one bad apple spoil Microsoft’s vulnerability sharing program? (zdnet.com)