
Windows Remote Desktop Services Vulnerability Allows Attackers to Launch Denial of Service Attacks Over the Network

Microsoft has released critical security patches to address a significant vulnerability in Windows Remote Desktop Services, designated as CVE-2025-53722. This flaw allows unauthorized attackers to launch denial of service (DoS) attacks over network connections, affecting multiple Windows versions, including legacy systems and the latest Windows Server 2025 and Windows 11 24H2 releases. The vulnerability arises from uncontrolled resource consumption, classified under CWE-400, and has been assigned a CVSS 3.1 base score of 7.5, indicating high severity. Notably, the attack requires no authentication or user interaction and has low attack complexity, which makes it particularly concerning. While the vulnerability does not compromise data confidentiality or integrity, it has a high availability impact, potentially rendering affected systems completely inaccessible.

Microsoft’s security updates, released on August 12, 2025, address CVE-2025-53722 across 33 different Windows configurations, including both standard installations and Server Core deployments. Key patches include KB5063880 and KB5063812 for Windows Server 2022, as well as KB5063878 and KB5064010 for Windows Server 2025. Windows 11 users can apply KB5063875 for versions 22H2 and 23H2, while legacy systems receive attention through patches KB5063947 and KB5063927 for Windows Server 2008 R2 and KB5063950 for Windows Server 2012 R2. Organisations operating Windows 10 systems across various versions can apply KB5063709 to mitigate the risk. Erik Egsgard from Field Effect is acknowledged for discovering and responsibly disclosing this vulnerability through coordinated processes. 
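To check a host against the KB list above, the following added example (not Microsoft's or the article's code) looks up the KBs the article names for the local OS and reports whether any is installed, along with whether RDP connections are enabled. The function name, the OS caption patterns and the status labels are assumptions; it needs PowerShell 3.0 or later.

```powershell
# KB numbers are the ones named in the article. The caption patterns used to
# select a row are assumptions about Win32_OperatingSystem.Caption.
$KbByOs = [ordered]@{
    'Windows Server 2025'    = @('KB5063878', 'KB5064010')
    'Windows Server 2022'    = @('KB5063880', 'KB5063812')
    'Windows Server 2012 R2' = @('KB5063950')
    'Windows Server 2008 R2' = @('KB5063947', 'KB5063927')
    'Windows 11'             = @('KB5063875')   # article: versions 22H2 and 23H2 only
    'Windows 10'             = @('KB5063709')
}

function Test-Cve202553722Patch {   # hypothetical helper name
    $caption = (Get-CimInstance -ClassName Win32_OperatingSystem).Caption
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

    # First table row whose name appears in the OS caption, if any.
    $product = $KbByOs.Keys | Where-Object { $caption -like "*$_*" } | Select-Object -First 1
    $expected = @(if ($product) { $KbByOs[$product] })
    # The article lists no Windows 11 KB outside 22H2/23H2, so do not guess one.
    if ($product -eq 'Windows 11' -and $cv.DisplayVersion -notin '22H2', '23H2') { $expected = @() }

    $found = @()
    if ($expected.Count -gt 0) {
        # Get-HotFix raises an error for each absent ID; silence it and count what remains.
        $found = @(Get-HotFix -Id $expected -ErrorAction SilentlyContinue)
    }

    $status = if ($expected.Count -eq 0) {
        'NoKbListedInArticle'
    } elseif ($found.Count -gt 0) {
        'Installed'
    } else {
        'NotFound'   # may still be covered by a later cumulative update
    }

    [pscustomobject]@{
        Caption        = $caption
        DisplayVersion = $cv.DisplayVersion
        ExpectedKb     = $expected -join ', '
        InstalledKb    = ($found | ForEach-Object HotFixID) -join ', '
        Status         = $status
        RdpEnabled     = ($ts.fDenyTSConnections -eq 0)   # exposure context only
    }
}

Test-Cve202553722Patch | Format-List
```

A `NotFound` result is not conclusive: a cumulative update released after August 12, 2025 replaces these KBs, so confirm against the installed build before treating the host as unpatched.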

Categories: Security Vulnerability, Denial of Service, Microsoft Patches 

Tags: CVE-2025-53722, Windows Remote Desktop Services, Denial of Service, Network-based Attack, Low Complexity, CVSS 3.1, Security Updates, Resource Exhaustion, Unauthorized Access, Windows Server 
