A critical remote code execution vulnerability with Credential Security Support Provider protocol (CredSSP protocol) that exploit RDP and WinRM on all the version of windows machine could allow attackers to run arbitrary code on target servers. The issue is critical as DCE/RPC remains enabled by default. The vulnerability tracked as CVE-2018-0886 and Microsoft released patches for all affected platforms and also advised administrators to force the updates through group policies. An attacker who gained privileged access to the system can run different commands and install payloads.”]
Source: https://gbhackers.com/credssp-protocol-exploit-rdp-winrm/