Preface: Heard that Microsoft is trying to head off another WannaCry-style malware outbreak before it starts.
Technical background: Remote Desktop Protocol is based on, and is an extension of, the T-120 family of protocol standards.
Vulnerability details: A vulnerability in the Remote Desktop Services component of Microsoft Windows could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
Current status: The POC details open to cyber world. The source code let people know the design weakness of RDP. For instance, the buffer of TPKT (ver 3,5,8) , ITU-T Rec X.224 & MULTIPOINT-COMMUNICATION-SERVICE T.125. The overall feedback in commercial IT world is that they are not vulnerable because they do not have Win 2008, Win 7 and XP. It is right. But the attack vector is not a commercial area, and its targets are medical systems, SCAD control, power facilities and the oil industry. So this let Microsoft headache this time.
Remediation via following link: