Microsoft urges Windows customers to patch wormable RDP flaw
Microsoft has fixed a critical vulnerability in some versions of Windows that can be exploited to create a powerful worm. The company even took the unusual step of releasing patches for Windows XP and Windows Server 2003, which haven’t been supported in years, because it believes the threat to be very high.
[ Learn how to identify, block and remove malware from Windows PCs. | Get the latest from CSO by signing up for our newsletters. ]
The vulnerability, tracked as CVE-2019-0708, is located in Remote Desktop Services, formerly known as Terminal Services. This component handles connections over the Remote Desktop Protocol (RDP), a widely used protocol for remotely managing Windows systems on corporate networks.
Source:: IT news – Security