Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.
Run all software as a nonprivileged user with minimal access rights.
To limit the impact of a successful exploit, run server software with the least privileges required and in restricted environments while still maintaining functionality.
Updates are available. Please see the references or vendor advisory for more information.