A Microsoft security advisory has warned of a vulnerability in RPCBind, a Windows-based remote authentication protocol that was first published in 2012.
Remote authentication is a standard feature in Windows.
It requires the user to provide credentials to login to a Windows PC to authenticate.
Remote authentication can also be enabled via a Windows 10 or 8.1 system administrator.
In a Windows 7 and 8.0 RTM update for Windows, Microsoft said a flaw in RCPbind was disclosed.
“The RCP bind flaw was discovered in a remote access feature in RRP Bind, a new Windows feature that provides remote login to Windows.
The RCP Bind flaw could be exploited to gain remote login credentials by exploiting an attacker who gained unauthorized access to the affected Windows computer,” the security bulletin said.
The vulnerability was addressed by the update.
Microsoft said the exploit is available in Windows 10, Windows Server 2016, Windows 8.2, Windows 7 SP1, Windows Vista SP1 and Windows Server 2008 R2.
The flaw was fixed in Windows Server 2012, Windows 2012 R2, and Windows 7.
RPCbind was originally published in the Raspbian operating system.