Microsoft has issued a security update addressing CVE-2026-24302, a critical vulnerability affecting multiple Windows versions. The flaw could allow remote code execution without user interaction.
Microsoft has released an emergency security update to address CVE-2026-24302, a critical vulnerability rated 9.8/10 on the CVSS scale that affects Windows 10, Windows 11, and Windows Server 2022 systems. The vulnerability exists in the Windows Remote Desktop Services component and could allow unauthenticated attackers to execute arbitrary code remotely.
The flaw requires no user interaction and can be exploited over the network without authentication. Microsoft reports that the vulnerability has been actively exploited in the wild, prompting the out-of-band security release.
Affected Systems
- Windows 10 version 1809 and later
- Windows 11 all versions
- Windows Server 2022
- Windows Server 2019 (limited exposure)
Mitigation Steps
- Apply the security update immediately via Windows Update
- Enable network-level authentication for Remote Desktop connections
- Block TCP port 3389 at network perimeter if RDP is not required
- Monitor for unusual RDP connection attempts in event logs
Microsoft has also released updated detection signatures for Microsoft Defender and other security products to identify exploitation attempts. Organizations should prioritize patching systems exposed to the internet or untrusted networks.
The security update is available through Windows Update and WSUS. Microsoft recommends immediate deployment given the active exploitation and high severity rating. Additional technical details are available in the Microsoft Security Update Guide under CVE-2026-24302.
Comments
Please log in or register to join the discussion