Microsoft has warned admins to strengthen the passwords linked to a selection of common user names, after reports of a new internet worm spreading for the first time via the Remote Desktop Protocol.
The Morto worm targets Windows workstations and servers, and was first flagged by F-Secure chief research officer Mikko Hyppönen over the weekend.
"Windows has built-in support for this protocol via Windows Remote Desktop Connection. Once you enable a computer for remote use, you can use any other computer to access it," he explained.
"When you connect to another computer with this tool, you can remotely use the computer, just like you'd use a local computer."
Microsoft issued an update to its Malware Protection Centre on Monday claiming that Morto infection numbers are low but still present a threat.
The worm attempts to connect to a selection of hosts linked to common user names including 'admin', 'backup' and 'guest', according to Microsoft.
"It's important to remember that this malware does not exploit a vulnerability in Remote Desktop Protocol, but instead relies on weak passwords," the company said.
"If you haven't already, check if these user names are being used in your environment and change the associated passwords to ones that are strong.
"Even computers that have been cleaned of this threat can be easily reinfected if the passwords are not changed and the computer remains unprotected."
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago