Microsoft released security patches addressing a significant vulnerability in Windows Remote Desktop Services that could allow unauthorized attackers to launch denial of service attacks over network connections.
The vulnerability, designated as CVE-2025-53722, affects multiple Windows versions spanning from legacy systems to the latest Windows Server 2025 and Windows 11 24H2 releases.
Key Takeaways
1. Critical Windows RDS flaw lets remote attackers trigger DoS.
2. Network‑based, low complexity attack vector.
3. Microsoft patched it on Aug 12, 2025.
Windows RDP DoS Vulnerability
The vulnerability stems from uncontrolled resource consumption in Windows Remote Desktop Services, classified under CWE-400 by the Common Weakness Enumeration system.
Security researchers have assigned the flaw a CVSS 3.1 base score of 7.5, indicating high severity with the potential for significant system disruption.
The attack vector presents particularly concerning characteristics, requiring no authentication or user interaction while maintaining low attack complexity.
The CVSS vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C reveals that attackers can exploit this vulnerability remotely over network connections without requiring elevated privileges.
While the vulnerability does not compromise data confidentiality or integrity, it poses a high availability impact, potentially rendering affected systems completely inaccessible through resource exhaustion attacks.
Erik Egsgard from Field Effect receives acknowledgment for discovering and responsibly disclosing this vulnerability through coordinated disclosure processes.
Microsoft’s exploitability assessment currently rates the likelihood of exploitation as “Less Likely,” though no public exploits or active attacks have been documented at the time of disclosure.
| Risk Factors | Details |
| Affected Products | – Windows Server 2008 R2 (SP1)- Windows Server 2012 / 2012 R2- Windows Server 2016- Windows Server 2019- Windows Server 2022- Windows Server 2025- Windows 10 (versions 1607, 1809, 21H2, 22H2)- Windows 11 (versions 22H2, 23H2, 24H2) |
| Impact | Denial of Service (DoS) |
| Exploit Prerequisites | No authentication required, no user interaction, network‑based attack, low complexity. |
| CVSS 3.1 Score | 7.5 (High) |
Security Updates
Microsoft has released comprehensive security updates addressing CVE-2025-53722 across 33 different Windows configurations, including both standard installations and Server Core deployments.
Critical patches include KB5063880 and KB5063812 for Windows Server 2022, KB5063878 and KB5064010 for Windows Server 2025, and KB5063875 for Windows 11 versions 22H2 and 23H2.
Legacy systems receive equal attention, with patches KB5063947 and KB5063927 addressing Windows Server 2008 R2 systems, while KB5063950 covers Windows Server 2012 R2 installations.
Organizations operating Windows 10 systems across various versions can apply KB5063709 for 21H2 and 22H2 releases, and KB5063871 for version 1607 systems.
System administrators should prioritize immediate patch deployment, particularly in environments where Remote Desktop Services face external network exposure.
The vulnerability’s network-based attack vector and low complexity requirements make unpatched systems attractive targets for disruption campaigns targeting business continuity and operational availability.
Boost your SOC and help your team protect your business with free top-notch threat intelligence: Request TI Lookup Premium Trial.
Source link
