As part of this month’s patch Tuesday bulletin, Microsoft has released fixes for 59 security flaws, including 9 critical vulnerabilities. So far the tech giant hasn’t found evidence that any of the patched issues are being exploited in the wild.
However, Microsoft warns that one remote code execution (RCE) flaw affecting Remote Desktop Protocol (RDP) implementations is a likely target for exploitation in the near future. This bug, tracked as CVE-2019-1333, could enable attackers to access and tamper with user data, to create user accounts, and to install software via vulnerable RDP services. In order to exploit this flaw, an attacker should get a victim to connect to a malicious or compromised server. This can be achieved through a variety of attacks, including social engineering, DNS poisoning, or a man-in-the-middle attack.
Read more: Microsoft Issues 9 Critical Security Patches