Tyler Reguly, technical manager of security research and development for nCircle, urged Microsoft customers affected by the RDP threat "to throw the patch rulebook out the window and install [MS12-020] faster than your enterprise patch cycle normally allows." Indeed, system administrators should "patch this one immediately, if not sooner," Storms added, advising those who cannot install the patch today to enable network-level authentication in RDP to reduce the attack surface until they can.

Even though MS12-020 addresses "privately reported vulnerabilities," Reguly says he is "surprised that Microsoft waited to release MS12-020 during its normal patch cycle."

However, the critical patch is the only one that makes this Patch Tuesday anything but a "pretty light month," Kandek says. Those other patches, which address denial of service and elevation of privilege vulnerabilities in and Visual Studio, as well as a remote code execution exploit in Expression Design, can be applied within the normal patch cycle, Kandek says.

"In other words, without MS12-020, this is a completely normal and rather generic Patch Tuesday," Reguly says.

Until this month, Microsoft's Patch Tuesdays have been little more than normal and generic in 2012, with a steady decrease in critical exploits making for a more positive security outlook for Microsoft.