Previously the attackers used to attack by sending specially crafted requests to their respective remote service of targeted unpatched windows system via RDP. After successfully sending this they could change, view or delete data; also, can create new user account with all rights of a user or administrator.
Looking upon this rising issue, Microsoft have introduced a patch against two leading flaws where they have also stated, “the users are urged to patch”. Patching this will lead the user to make its device more secured and prevent their device from the attackers. This will also help prevent their personal data come into public eyes and will always be protected from these attackers.
There was a flaw introduced Bluekeep which was patched three months ago. Bluekeep used to threat actors to create malware which used to be propagated between windows devices running vulnerable RDS installations.