CVE-2025-24035

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services versions prior to the fixed version

Description: The issue is related to the storage of sensitive data in improperly locked memory in Windows Remote Desktop Services, allowing an unauthorized attacker to execute code over a network. This can be exploited by a remote attacker to execute arbitrary code and affect the system.

Recommendations: As a temporary workaround, consider disabling the Remote Desktop Services until a patch is available. Restrict access to the Remote Desktop Services to minimize the risk of exploitation. Avoid using the vulnerable Remote Desktop Services until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.