Finding Windows Systems Affected by BlueKeep Remote Desktop Bug
On last month's Patch Tuesday, Microsoft announced that a vulnerability in Remote Desktop Services was discovered that could allow a wormable malware, such as a ransomware, to easily propogate through vulnerable systems.
This vulnerability, now known as BlueKeep, was given the unique ID of CVE-2019-0708 and affects Windows 7, Windows 2008 R2, Windows Server 2008, Windows XP, and Windows Server 2003. Due to its severity, Microsoft released patches for all supported versions of Windows as well as for Windows XP and Windows Server 2003, which no longer received security updates.
Since then, numerous security vendors and researchers have successfully created proof-of-concept exploits that can exploit this vulnerability. While none of these have been released, it would not be surprising if malware developer and threat actors were working on their own exploits.
For more information on security give us a call. 01726 850786