A vulnerability in the Windows print spooler service patched this week echoes a similar one exploited by the Stuxnet worm 10 years ago.
There has been a sharp increase in scans for exposed RDP servers recently as attackers try to take advantage of the move to remote work.
Microsoft has fixed three flaws that attackers were using in targeted attacks for several weeks.
The shift to remote work has caused a spike in the number of RDP servers exposed to the Internet, along with an increase in the number of scans for those servers.
A security vulnerability in Microsoft Exchange that was fixed in February is still unpatched on hundreds of thousands of Exchange servers.