BlueKeep, a wormable critical RCE vulnerability in Remote Desktop Services, lets hackers access a vulnerable machine without authentication. Because the vulnerability is wormable, it could rapidly compromise millions of machines in a short period.
Successful exploitation of the vulnerability allows a remote attacker to run arbitrary code on the target system, and the attacker can install programs to track user changes, delete data, and create a user account with elevated privileges.
The vulnerability is tracked as CVE-2019-0708 and affects multiple Windows operating systems, including both supported and non-supported versions.
Microsoft released a patch for the BlueKeep vulnerability on May 14 that addresses how Remote Desktop Services handles connection requests.
The following versions are affected:
- Windows 2003
- Windows XP
- Windows Vista
- Windows 7
- Windows Server 2008
- Windows Server 2008 R2
Systems running Windows 8 and 10 are not affected by this vulnerability. Microsoft patched the vulnerability for the supported versions and took the extra step of patching non-supported versions as well.
0patch released a micropatch for BlueKeep, which is useful for computers where Microsoft's update has not been applied and for some mission-critical systems, such as ATMs or ICS, where a restart is not possible.