New research shows close to 1 million systems with RDP exposed to the Internet remain unpatched and vulnerable to attacks. Microsoft has described the flaw as giving attackers a way to gain complete control over a vulnerable system. Microsoft considers the threat posed by BlueKeep to be so severe it issued patches even for Windows versions that it no longer supports but is widely used around the world. The vulnerability is a critical remote code execution bug in the Remote Desktop Services Protocol in older and legacy Windows, including Windows 7, Windows XP, and Windows Server 2008.”]
Source: https://www.darkreading.com/attacks-breaches/bluekeep-rdp-vulnerability-a-ticking-time-bomb