Microsoft’s own security team have identified and patched another duo of critical wormable vulnerabilities in its Remote Desktop Protocol (RDP). The security flaws could allow malware to propagate from system-to-system without any user interaction.
The patches come hot on the heels of the high-profile Bluekeep vulnerability, disclosed by the UK’s National Cyber Security Centre to Microsoft in May. Microsoft warned in the wake of that disclosure that it was “highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware”.
National security agencies urged rapid patching in the wake of that