Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems:
In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008
Out-of-support systems: Windows 2003 and Windows XP
A remote attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and Microsoft Customer Guidance for CVE-2019-0708 and apply the necessary updates.