CVE-1999-0680: Windows NT Terminal Server performs extra work when a client opens a new connection but before it is
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
AI Analysis
Technical Summary
CVE-1999-0680 is a vulnerability affecting the Windows NT Terminal Server component. The issue arises because the Terminal Server performs additional processing when a client initiates a new connection before the client has been authenticated. This extra work can be exploited to cause a denial of service (DoS) condition. Specifically, an attacker can open multiple connections to the Terminal Server, forcing it to expend resources on unauthenticated sessions, potentially exhausting system resources and rendering the service unavailable to legitimate users. The vulnerability does not impact confidentiality or integrity, as it does not allow unauthorized data access or modification. The CVSS score of 5.0 (medium severity) reflects the network attack vector (AV:N), low attack complexity (AC:L), no authentication required (Au:N), and impact limited to availability (A:P). A patch addressing this vulnerability is available from Microsoft, as documented in the security bulletin MS99-028. No known exploits have been reported in the wild, but the vulnerability remains a concern for systems still running unpatched Windows NT Terminal Server installations.
Potential Impact
For European organizations, the primary impact of this vulnerability is the potential disruption of remote desktop services provided by Windows NT Terminal Server. Organizations relying on Terminal Server for remote access or application delivery could experience service outages if targeted by a denial of service attack exploiting this vulnerability. This could affect business continuity, especially in sectors where remote access is critical, such as finance, healthcare, and government services. Although Windows NT is an outdated platform, legacy systems may still be in use in some European organizations, particularly in industrial or governmental environments with long upgrade cycles. The denial of service could lead to operational downtime, loss of productivity, and increased support costs. However, since no confidentiality or integrity impact exists, data breaches are not a direct concern from this vulnerability alone.
Mitigation Recommendations
European organizations should ensure that all Windows NT Terminal Server systems are fully patched with the updates provided in Microsoft Security Bulletin MS99-028. Given the age of the affected software, organizations should prioritize migrating away from Windows NT Terminal Server to supported and modern remote desktop solutions that include improved security controls and resilience against DoS attacks. Network-level mitigations include implementing rate limiting and connection throttling on firewall or gateway devices to restrict the number of unauthenticated connection attempts to Terminal Servers. Additionally, organizations should monitor network traffic for unusual spikes in connection attempts to Terminal Servers and establish alerting mechanisms. Segmentation of Terminal Server infrastructure from the broader network can reduce the attack surface. Finally, disabling Terminal Server services on systems where they are not required will eliminate exposure.
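The monitoring recommendation above, sketched as an added example (not part of the original advisory and not vendor tooling): a sliding-window counter that flags any source opening more new connections to a Terminal Server than a threshold allows. The log line format, the 10-second window, the limit of 5 and the documentation-range addresses are assumptions; TCP 3389 is the RDP listener port.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

TS_PORT = 3389                  # RDP listener used by Terminal Server
WINDOW = timedelta(seconds=10)  # assumed sliding-window length
PER_SOURCE_LIMIT = 5            # assumed max new connections per source per window

# Assumed firewall log format: "<ISO timestamp> SYN src=<ip> dst=<ip>:<port>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SYN src=(?P<src>\S+) dst=(?P<dst>[\d.]+):(?P<port>\d+)$")

def parse(line):
    """Return (timestamp, src, dst) for a new connection to TS_PORT, else None."""
    m = LINE_RE.match(line.strip())
    if not m or int(m["port"]) != TS_PORT:
        return None
    return datetime.fromisoformat(m["ts"]), m["src"], m["dst"]

def detect_bursts(lines, window=WINDOW, limit=PER_SOURCE_LIMIT):
    """Return {(src, dst): peak count} for every source that exceeds `limit`
    new connections to one server inside any `window` (lines in time order per source)."""
    recent = defaultdict(deque)   # (src, dst) -> timestamps still inside the window
    alerts = {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue              # malformed line or a different port
        ts, src, dst = rec
        q = recent[(src, dst)]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()           # drop attempts that aged out of the window
        if len(q) > limit:
            alerts[(src, dst)] = max(alerts.get((src, dst), 0), len(q))
    return alerts

def sample_log():
    """Constructed sample: one ordinary client and one source opening 20 connections in 10 s."""
    t0 = datetime(2025, 1, 1, 9, 0, 0)
    row = lambda sec, src, port: "{} SYN src={} dst=192.0.2.10:{}".format(
        (t0 + timedelta(seconds=sec)).isoformat(), src, port)
    lines = [row(30 * i, "198.51.100.7", 3389) for i in range(4)]     # normal logons
    lines += [row(0.5 * i, "203.0.113.50", 3389) for i in range(20)]  # connection burst
    lines += [row(i, "203.0.113.50", 445) for i in range(20)]         # other port, ignored
    return lines + ["unparseable line"]

if __name__ == "__main__":
    print(detect_bursts(sample_log()))
```

The same per-source count and window translate directly into a connection-rate rule on the firewall or gateway in front of the Terminal Server.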
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Threat ID: 682ca32cb6fd31d6ed7df16a
Added to database: 5/20/2025, 3:43:40 PM
Last enriched: 7/1/2025, 4:24:57 PM
Last updated: 7/30/2025, 3:30:09 AM