Microsoft Remote Desktop Protocol Server CVE-2019-1224 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory.
Affected Applications
Windows 10
Windows Server version 1903 (Server Core installation)
Windows Server version 1803 (Server Core Installation)
Windows Server 2019