"Note that CVE-2012-0002 was privately reported and we are not aware of any attacks in the wild. Additionally, the remote desktop protocol is disabled by default. However, due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days."
According to Microsoft, the remote desktop flaw could lead to remote code execution. And though this service, called Remote Desktop Protocol (RDP), is disabled by default in Windows, it's used by many businesses and thus is expected to be attacked quickly.
As a result, Microsoft has provided workarounds that will mitigate the issues ahead of patch deployment. The workarounds are available as Microsoft Fix It solutions, which essentially enable a feature called Network Level Authentication (NLA) for RDP.
Sources: Security Research & Defense, WinSupersite