On 5/14/19 Microsoft released a patch for a vulnerability now called BlueKeep. This vulnerability allows for remote code execution on a computer that has Remote Desktop Services enabled. Sophos released a Proof of Concept exploit that takes advantage of the BlueKeep vulnerability. Without the patch they were able to get a cmd prompt running as system on an unpatched computer. You can watch the video at https://vimeo.com/344915265.
The patches for Windows 7 and Windows 2008 are available at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708. The patches for XP and 2003 are available at https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708. A vulnerability is very serious when Microsoft releases a patch for an OS that is no longer supported. This vulnerability is wormable, which means an unpatched computer can become infected just by being connected to a compromised computer. Patch your systems now to protect against BlueKeep.
Avoid computer infection by patching for Bluekeep now!

Tags: Security