Two of them expose unpatched systems to remote code execution (RCE) attacks, while the third one enables attackers to trigger a DoS state, taking down the targeted device. They are all exploitable remote by unauthenticated attackers and are tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. The three TCP/IP security vulnerabilities impact computers running Windows client and server versions starting with Windows 7 and higher. This warning was issued due to elevated exploitation risk and potential denial-of-service (DoS) attacks that could soon target these bugs. Microsoft has urged customers today to install security updates for three Windows TCP/IP vulnerabilities rated as critical and high severity as soon as possible.
