I have just installed Windows XP Pro SP1 and found that the two vulnerabilities announced earlier in the week have been addressed. "Microsoft Windows XP Remote Desktop denial of service" is fixed. "Microsoft Windows Remote Desktop Protocol checksum and keystroke" is partially fixed: Microsoft have altered the protocol to revert to the RDP 4.0 style input packet. This is a hack rather than a good solution because it doesn't fix the checksum leakage problem, and it increases bandwidth again. Unfortunately, the proper solution would require the encryption layer of the protocol to be redesigned. Ben Cohen Software Developer Skygate Technology Ltd.
