Microsoft has released a critical security update addressing CVE-2026-24300, a severe vulnerability affecting multiple Windows versions. Users must apply patches immediately to prevent potential remote code execution attacks.
Microsoft has issued an emergency security update to address CVE-2026-24300, a critical vulnerability that could allow remote attackers to execute arbitrary code on affected systems. The vulnerability affects Windows 10, Windows 11, and Windows Server 2019/2022 across multiple versions.
The vulnerability exists in the Windows Remote Desktop Protocol implementation, where improper input validation could enable an unauthenticated attacker to send specially crafted packets to a targeted system. Successful exploitation could grant attackers complete control over vulnerable machines.
Affected Products and Versions:
- Windows 10 Version 1809 through 22H2
- Windows 11 Version 21H2 and 22H2
- Windows Server 2019 (all versions)
- Windows Server 2022 (all versions)
- Windows Server (Azure Edition) 2022
CVSS Score: 9.8 (Critical)
Attack Vector: Network
Required Privileges: None
Microsoft rates this vulnerability as critical due to the low complexity required for exploitation and the potential for complete system compromise without authentication. The company reports that active exploitation attempts have been detected in the wild.
Mitigation Steps:
- Apply the security update immediately through Windows Update
- Enable automatic updates if not already configured
- For enterprise environments, deploy patches through WSUS or Microsoft Endpoint Manager
- Consider temporarily disabling Remote Desktop services if immediate patching is not possible
The security update addresses the vulnerability by implementing proper input validation and packet handling within the RDP stack. Microsoft recommends that all affected systems be updated as soon as possible, particularly those exposed to untrusted networks.
Timeline:
- Vulnerability discovered: March 15, 2026
- Microsoft notified: March 16, 2026
- Patch development completed: March 28, 2026
- Update released: March 30, 2026
Organizations with internet-facing Remote Desktop Gateway servers should prioritize patching, as these systems are most likely to be targeted by attackers. Microsoft has also released additional hardening guidance for RDP configurations to provide defense-in-depth protection.
For detailed technical information and patch download links, visit the Microsoft Security Update Guide.
Comments
Please log in or register to join the discussion