CVE-2019-0708 – WindowsTechs.com

Microsoft urges us to patch after partially effective BlueKeep attack

Posted on November 11, 2019 by Danny Bradbury

Microsoft has urged people to patch their Windows systems following the appearance of mass BlueKeep exploits just over a week ago. Continue reading Microsoft urges us to patch after partially effective BlueKeep attack→

How to Get a Handle on Patch Management

Posted on September 3, 2019 by Tom Spring

As the number vulnerabilities hit a historic high, battle-worn security teams are upping their patching game. Continue reading How to Get a Handle on Patch Management→

RDP BlueKeep exploit shows why you really, really need to patch

Posted on July 1, 2019 by Mark Stockley

A video of the exploit shows CVE-2019-0708 being exploited remotely, without authentication. Continue reading RDP BlueKeep exploit shows why you really, really need to patch→

The GoldBrute botnet is trying to crack open 1.5 million RDP servers

Posted on June 10, 2019 by John E Dunn

Even its most optimistic users would have to concede that it’s been a bracing few weeks for anyone who relies on Microsoft’s Remote Desktop Protocol (RDP). Continue reading The GoldBrute botnet is trying to crack open 1.5 million RDP servers→

BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover

Posted on June 5, 2019 by Tara Seals

A working exploit for the critical remote code-execution flaw shows how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds. Continue reading BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover→

BlueKeep Vulnerability, Robert Graham – Paul’s Security Weekly #606

Posted on May 31, 2019 by Security Weekly Productions

Paul Asadoorian and Robert Graham from Errata Security show you how to search for the BlueKeep vulnerability, or CVE-2019-0708, that has been affecting hundreds of thousands of systems! You can download rdpscan from Rob’s Git repo which also … Continue reading BlueKeep Vulnerability, Robert Graham – Paul’s Security Weekly #606→

A million devices still vulnerable to ‘wormable’ RDP hole

Posted on May 30, 2019 by Danny Bradbury

An internet-wide scan has revealed almost one million devices vulnerable to CVE-2019-0708. Continue reading A million devices still vulnerable to ‘wormable’ RDP hole→

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

Posted on May 28, 2019 by Lindsey O'Donnell

Researchers have discovered one million devices that are vulnerable to a “wormable” Microsoft flaw, which could open the door to a WannaCry-like cyberattack. Continue reading One Million Devices Open to Wormable Microsoft BlueKeep Flaw→

UPDATE NOW! Critical, remote, ‘wormable’ Windows vulnerability

Posted on May 15, 2019 by Mark Stockley

Microsoft has fixed an RDP vulnerability that can be exploited remotely, without authentication and used to run arbitrary code. Continue reading UPDATE NOW! Critical, remote, ‘wormable’ Windows vulnerability→

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Posted on May 14, 2019 by BrianKrebs

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

The vulnerability (CVE-2019-0709) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates. Continue reading Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003→