Microsoft releases new updates every Tuesday. This Feb 9th, 2016, we had similar updates, which included KB3126446. Fortunately, this update targets users who have enabled Remote Desktop Protocol (RDP).
As part of the security bulletin MS16-017, this update (KB3126446) fixes a security problem in Microsoft Windows. Due to this vulnerability, an authenticated troubleshooter or user who uses RDP to log on to the target system can send typical “malicious” data over the connection. The attack will cause elevation of privileges, like running applications or programs with administrator privileges.
The attacker then can install programs, view, change, or delete data, or create new accounts with full user rights.
Read More: [Solved] – Fix Office 2010 SP2 Update (KB2687455) Failure Problems
Could you please clarify the issue with the KB3126446 update?
It is observed in many forums and reported on Twitter that users of Windows 7 SP1, when applying the patch, have their PCs/laptops go into a reboot loop. It’s akin to closing an error gate, but a new issue arises due to this fix.
Faulty Update From Microsoft, “KB3126446,” Puts Windows 7/8.1 In A Reboot Loop
— hanoush61 (@hanoush61)
Anyone running Windows 7 or 8, don’t update to the new patch for the time being. KB3126446 puts it in a boot loop
— Marley (@IHazNotName),
If you install this update on Windows 7 SP1, your PC is more likely to reboot several times. The number of restarts can vary from system to system. The reboot is common for all updates. However, we no longer observe instances of looping.
The KB3126446 update mainly affects the Enterprise and Ultimate editions of Windows 7. But if you are running RDP 8.0, then all supported editions of Windows 7 are affected. So if users do not need the server-side features of RDP 8.0, Microsoft recommends upgrading to RDP 8.1 and skipping (or removing) the 3126446 update.
The size of the update is around 1.5 MB.
Known issues in this security update
You may have to restart the computer multiple times after you install this security update on a Windows 7-based computer that is running RDP 8.0.
What is Remote Desktop Protocol (RDP)?
It is a proprietary protocol developed by Microsoft that gives the user a graphical interface to connect to another computer over a network connection. This protocol is generally used for troubleshooting purposes. For example, if you are unable to boot or are having problems in your applications, you give access to your computer to another “user” or “expert”—causing someone who would like to investigate your PC.
RDP, or Remote Desktop Protocol, is useful in such grave situations, when your system stops working and you have no other resources available to repair your PC. But generally, you give access to your PC using RDP to people you trust. But sometimes, when you have no friends and are in dire straits, you may give access to your PC to “unknown” people, such as the Microsoft technical team or other experts, in order to get it working.
Some of them can be hackers. They can exploit the vulnerability in the existing RDP 8.0, and you must install the KB3126446 update if you frequently grant access to “unknown” individuals.
Read More: [Fix] Skype and Windows 10 – Some Early Errors and Solutions
What is the workaround?
The only way to prevent this problem is to avoid installing the update KB3126446. However, if you have automatic updates enabled, they will install without your intervention. The only remedy in that situation is to uninstall it again. But the update will pose a security threat if somebody accesses your computer using the RDP. Also, this particular problem arises if RDP 8.0 is installed on your system. By default, this feature is not enabled on your system.
But if you enabled RDP 8.0 to give access to another person, you can disable it. This option is the only solution in the current scenario.
How to Disable RDP?
To disable RDP using Group Policy
- Open Group Policy
- In Computer Configuration, Administrative Templates, Windows Components, and Terminal Services, double-click the Allows users to connect remotely using Terminal Services setting.
- Do one of the following:
- To enable Remote Desktop, click Enabled.
- To disable Remote Desktop, click Disabled.
If you disable Remote Desktop while users are connected to the target computers, the computers maintain their current connections but will not accept any new incoming connections.
To disable RDP using System Properties
- Open System in Control Panel.
- On the Remote tab, select or clear the Enable Remote Desktop on this computer check box, and then click OK.
A few important things:
- If the Group Policy setting for Allow users to connect remotely using Terminal Services is set to Not Configured, then the Enable Remote Desktop on this computer setting takes precedence. Otherwise, the first one will take precedence.
- You must be logged on as a member of the Administrators group to enable or disable Remote Desktop.
- When you enable RDP (Remote Desktop Protocol), you give access to remote users and groups to remotely log on to your computer. For safety purposes, you should decide which users and groups are allowed to log on remotely. You should also make the remote users use strong passwords to connect to your system. This case generally arises in a Windows network environment.