Microsoft announced yesterday that they had discovered a security vulnerability in older versions of Windows that could allow a hacker to access the computer without any user action required. This is covered under advisory CVE-2019-0708.
Affected versions:
Windows XP
Windows 7
Windows Server 2003
Windows Server 2008
Unaffected versions:
Windows 10
Windows Server 2016
Windows Server 2019
Due to the far-reaching affects of this vulnerability, Microsoft has taken the unusual step of releasing updates for versions of Windows that have been outside mainstream support for several years (e.g. Windows XP and Windows Server 2003).
Have There Been Any Attacks Yet?
As of the writing of this post Microsoft says they have not seen any evidence of attacks against this serious security vulnerability.