May 2019, Microsoft has patched 80 vulnerabilities. This vulnerability is rated critical and has a Common Vulnerability Scoring System (CVSS) score of 9.8.
An unauthenticated attacker could exploit this RCE flaw by sending a specially crafted request to systems running RDS via Remote Desktop Services (RDP), tricking it into executing the arbitrary code. This vulnerability is pre-authentication and requires no user interaction. The exploit code can also automatically replicate functional copies of themselves and cause widespread damage.
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
The vulnerability is pre-authentication, making it easily wormable, and allows for remote code execution. These are the affected OSes, all of which (yes including XP & 2003) have been patched:
- Windows XP
- Server 2003
- Windows 7
- Server 2008
- Server 2008R2