Microsoft Addresses Critical Vulnerability in Windows Remote Desktop Services.
Microsoft has unveiled a series of security patches targeting a grave vulnerability within Windows Remote Desktop Services, which could enable unauthorized attackers to initiate denial-of-service (DoS) assaults via network connections.
Identified as CVE-2025-53722, this vulnerability impacts a broad spectrum of Windows versions, from older systems to the cutting-edge Windows Server 2025 and Windows 11 24H2 releases.
Key Takeaways
1. Serious flaw in Windows RDS allows remote attackers to launch DoS attacks.
2. Low complexity, network-based attack vector.
3. Microsoft deployed patches on August 12, 2025.
Analysis of the Windows RDP DoS Vulnerability
This vulnerability arises from uncontrolled resource consumption within Windows Remote Desktop Services, categorized under CWE-400 by the Common Weakness Enumeration.
Security analysts have assigned this flaw a CVSS 3.1 base score of 7.5, signifying a high level of severity with substantial potential for system disruption.
The concerning characteristics of this attack vector include its independence from authentication and lack of user interaction, along with a low complexity rating.
The CVSS vector string, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC: C, indicates that attackers can exploit this vulnerability remotely over network connections without requiring elevated permissions.
While the vulnerability does not jeopardize data confidentiality or integrity, it presents a significant risk to availability, potentially incapacitating affected systems through resource exhaustion attacks.
Erik Egsgard from Field Effect is recognized for his role in discovering and responsibly disclosing this vulnerability through a coordinated process.
Microsoft’s current exploitability assessment rates the chances of exploitation as “Less Likely,” with no public exploits or active attacks reported at the time of the disclosure.
| Risk Factors | Details |
| Affected Products | – Windows Server 2008 R2 (SP1) – Windows Server 2012 / 2012 R2 – Windows Server 2016 – Windows Server 2019 – Windows Server 2022 – Windows Server 2025 – Windows 10 (versions 1607, 1809, 21H2, 22H2) – Windows 11 (versions 22H2, 23H2, 24H2) |
| Impact | Denial of Service (DoS) |
| Exploit Prerequisites | No authentication needed, no user interaction, network-based attack, low complexity. |
| CVSS 3.1 Score | 7.5 (High) |
Security Updates Issued
In response to CVE-2025-53722, Microsoft has rolled out an extensive suite of security updates encompassing 33 different Windows configurations, inclusive of standard installations and Server Core deployments.
Notable patches include KB5063880 and KB5063812 for Windows Server 2022, KB5063878 and KB5064010 for Windows Server 2025, and KB5063875 for Windows 11 versions 22H2 and 23H2.
Legacy systems are not overlooked, as patches KB5063947 and KB5063927 address vulnerabilities in Windows Server 2008 R2, while KB5063950 pertains to Windows Server 2012 R2 installations.
Organizations with Windows 10 systems are encouraged to apply KB5063709 for versions 21H2 and 22H2, as well as KB5063871 for version 1607 systems.
Immediate patch deployment is strongly advised for system administrators, particularly in settings where Remote Desktop Services are exposed to external networks.
The network-based nature of this vulnerability and its low complexity render unpatched systems enticing targets for disruption strategies aimed at compromising business continuity and operational availability.
Source link: Cybersecuritynews.com.
