Remote Desktop Services Remote Code Execution Vulnerability

This is why it’s a bad idea to have a Microsoft server with Remote Desktop on the open internet:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

https://krebsonsecurity.com/tag/cve-2019-0708/