4 New BlueKeep-like 'Wormable' Windows Remote Desktop Flaws Discovered

If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to th...

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution RCE vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability CVE-2019-0708, these two vulnerabilities are also ‘wormable’, meaning that a...

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution RCE vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability CVE-2019-0708, these two vulnerabilities are also ‘wormable’, meaning that a...

Protect against BlueKeep

Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection and Response Te...

Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep

The nightmare vision of a “mega-worm” global BlueKeep infection could be closer to becoming reality as working exploits are now becoming available to the public, and there’s evidence that adversaries are actively scanning for the vulnerability. Researchers weighed in with Threatpost about how...

Began openly selling a...the United States company is selling weapons of the BlueKeep the exploit-vulnerability warning-the black bar safety net

By 2019 05 on 15 August, Microsoft released 5 December patch update list, in which the presence of a marked to severe RDP Remote Desktop Services remote code execution vulnerability, an attacker can exploit this vulnerability remotely without user authentication by sending the special structure o...

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Cybersecurity researchers have discovered a new variant of WatchBog , a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw. BlueKeep is a highly-critical, wormable, remote code execution...

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw. BlueKeep is a highly-critical, wormable, remote code execution...

Exploit for Use After Free in Microsoft

bluekeep Public work for CVE-2019-0708 2019-11-17 Updat...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Unauthenticated CVE-2019-0708 "BlueKeep" Scanner...

Wormable BlueKeep Bug Still Threatens Legions of Windows Systems

For the past two months, security researchers have been sounding the alarm about BlueKeep, a critical remote code-execution vulnerability in Microsoft Windows that researchers said could lead to a “mega-worm” global infection. As of July 2, approximately 805,665 systems remain online that are...

Why Microsoft’s BlueKeep Bug Hasn’t Wreaked Havoc—Yet

Microsoft's critical vulnerability remains unpatched in hundreds of thousands of computers, and it may already be exploited in secret...

Microsoft Windows Remote Desktop - (BlueKeep) Denial of Service Exploit

Exploit Title: Bluekeep Denial of Service metasploit module Shodan Dork: port:3389 Date: 07/14/2019 Exploit Author: RAMELLA Sebastien https://github.com/mekhalleh/ Vendor Homepage: https://microsoft.com Version: all affected RDP services by cve-2019-0708 Tested on: Windows XP 32-bits / Windows 7...

Microsoft Windows Remote Desktop Services RCE Vulnerability (CVE-2019-0708, BlueKeep) - Active Check

Microsoft Windows Remote Desktop Services is prone to a remote code execution RCE vulnerability dubbed SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Exploit for Use After Free in Microsoft

cve-2019-0708 POC C...

Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability

This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and...

Working BlueKeep Exploit Developed by DHS

The Department of Homeland Security has confirmed it has developed a working exploit for the “wormable” BlueKeep vulnerability. The agency issued an alert on Monday urging Windows users to update their machines as soon as possible. The alert heightens concerns that malicious actors could soon als...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Unauthenticated CVE-2019-0708 "BlueKeep" Scanner...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Batch Detection 0x01 Introduction CVE-2019-...

A week in security (June 3 – 9)

Last week on Malwarebytes Labs, we rounded up some leaks and breaches, reported about Magecart skimmers found on Amazon CloudFront CDN, proudly announced we were awarded as Best Cybersecurity Vendor Blog at the annual EU Security Blogger Awards, discussed how Maine inches closer to shutting down...