In the May 2019 Patch Tuesday release, Microsoft disclosed a remote code execution vulnerability (CVE-2019-0708) exists in Remote Desktop Protocol (RDP) – formerly known as Terminal Services. The cyber industry has named this vulnerability BlueKeep. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploits this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only exists in older Windows operating systems (Windows XP, Vista, 7, Server 2003, Server 2008, Server 2008R2).
Microsoft has released patches for this vulnerability but has also warned that the BlueKeep flaw is “wormable”, similar to EternalBlue’s exploit of the Microsoft SMB protocol vulnerability (CVE-2017-0144), meaning that malware can use this vulnerability to spread from system to system by itself without controller or user intervention.
Here is the patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708