In August 2024, a critical remote code execution (RCE) vulnerability, CVE-2024-38077, affecting Windows Remote Desktop Licensing (RDL) Service was disclosed.
The vulnerability allows for unauthenticated RCE on affected servers without user interaction and impacts all Windows Server versions from 2000 to 2025 with RDL enabled.
The root cause is a heap-based buffer overflow in how RDL handles license key packet decoding, enabling attackers to execute arbitrary code with system-level privileges.
Microsoft has released a security patch for CVE-2024-38077 in July 2024; affected users are advised to apply the patch immediately to prevent exploitation.