PoC Code Developed to Exploit BlueKeep
Security researchers created proof-of-concept (PoC) code to exploit the previously reported Remote Desktop Services vulnerability known as BlueKeep. On May 14, Microsoft released patches to address the vulnerability, tracked as CVE-2019-0708, even for End-of-Life systems. Researchers determined that the flaw can be exploited remotely without authentication and grants the user the highest privileges. All unpatched Windows Server 2008, Windows 7, Windows 2003 and Windows XP machines are vulnerable. Security researchers at NCC Group developed and released a network detection rule for the vulnerability to assist network defenders. The NJCCIC highly advises users and administrators to update all vulnerable systems immediately. More information on BlueKeep can be found in Microsoft’s Advisory.