A Cisco Talos researcher discovered two issues in Microsoft Remote Desktop Services. A denial-of-service vulnerability affects Windows 7/Windows Server 2008, Windows 8/Server 2012, and Windows 10/Server 2016. The information leak vulnerabilities exist during the connection setup of the process where the client and the server negotiate various aspects relevant to the session. They could be exploited by an attacker to cause a denial of service or leak information. Microsoft disclosed these issues as part of Decembers Patch Tuesday.”]
Source: https://blog.talosintelligence.com/2019/12/vuln-spotlight-RDP-Dec-19.html