Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Exploit Disclosure Threat Alert
September 25, 2019
In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub. The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1 x64 and Windows 2008 R2 x64) to execute code remotely without user interaction. This vulnerability, like WannaCry, will propagate widely, having constituted security threats in the wild.
June 17, 2019
1 Vulnerability Overview
On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection. (more…)