bluekeep

About this tag
BlueKeep (CVE-2019-0708) is a critical, wormable remote code execution vulnerability in Microsoft's Remote Desktop Services affecting older Windows versions including Windows 7, Windows Server 2008 R2, and earlier. Like later vulnerabilities CVE-2019-1181 and CVE-2019-1182, BlueKeep can spread without user interaction, making it a significant security risk. Microsoft has released patches, and organizations are urged to apply them promptly. Misleading claims have circulated linking BlueKeep to ransomware like Dopplepaymer, but Microsoft investigations found no evidence of such propagation. Discussions on WindowsForum cover patching guidance, affected systems, and security best practices to mitigate this threat.
  1. Customer Guidance for the Dopplepaymer Ransomware

    Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads. Our security research teams have investigated...
  2. Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

    Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning...
  3. AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability

    Original release date: June 17, 2019 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and...