Critical Vulnerabilities in Windows Remote Desktop Services (CERT-EU Security Advisory 2025-009)

On March 13, Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability has been assigned a CVSSv3 score of 8.1 and is rated as critical.
It is recommended updating affected assets as soon as possible.

https://www.cert.europa.eu/publications/security-advisories/2025-009/