In the May 2019 Patch Tuesday release, Microsoft disclosed a remote code execution vulnerability (CVE-2019-0708) exists in Remote Desktop Protocol (RDP) – formerly known as Terminal Services. The cyber industry has named this vulnerability BlueKeep. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploits this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only exists in older Windows operating systems (Windows XP, Vista, 7, Server 2003, Server 2008, Server 2008R2).
Microsoft has released patches for this vulnerability but has also warned that the BlueKeep flaw is “wormable”, similar to EternalBlue’s exploit of the Microsoft SMB protocol vulnerability (CVE-2017-0144), meaning that malware can use this vulnerability to spread from system to system by itself without controller or user intervention.
Here is the patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
You're Invited! Not-For-Profit CFOShare
Tuesday December 10, 2019
4:00 PM - 6:00 PM
You're Invited! Annual Accounting & Business Conference
Wednesday December 4 2019
Hosted at the MSU Management Education Center in Troy, MI
You're Invited! Construction Update
Thursday November 21, 2019
Detriot Athletic Club
241 Madison Avenue
Detriot, MI 48226