- BlueKeep is a wormable security flaw in Microsoft Remote Desktop Services that allows attackers to take control remotely of vulnerable systems.
- Metasploit developers released the first functional prototype of exploit code with payload execution capabilities.
- Bitdefender tested the newly released exploit code and Hypervisor Introspection prevents this attack (demo included).
Last Friday, security researchers working on the Metasploit project released the first functional exploit code to successfully achieve code execution against systems vulnerable to BlueKeep. This high impact vulnerability affecting Microsoft Remote Desktop Services was first reported as CVE-2019-0708 in May 2019. On May 14th, Microsoft started releasing patches for affected Windows OSes (including the end of life XP and 2003)