This update resolves the "Invalid RDP Data" security vulnerability in Windows 2000 terminal servers, and is discussed in Microsoft Security Bulletin MS01-006. Download now to prevent a malicious user from sending a specific series of data packets to your server, causing it to fail.

This vulnerability exists because Terminal Services in Windows 2000 does not handle a particular series of data packets correctly, when they are sent via a Remote Desktop Protocol (RDP) connection. (RDP is the protocol that Windows terminal servers and clients use to communicate.) If a malicious user sends this sequence of packets to the port associated with RDP on an affected server, the server can fail. If this occurs, any work in progress is lost.

Note Windows NT® 4.0 Server, Terminal Server Edition is not affected by this vulnerability.

For more information about this vulnerability, read Microsoft Security Bulletin MS01-006. (This site is in English.)

• Windows 2000 Server with Terminal Services enabled.
• Windows 2000 Advanced Server with Terminal Services enabled.

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Add/Remove Programs.
3. Select Windows 2000 Hotfix [See Q286132 for more information], and click Change/Remove to uninstall.