4:40pm, 05 Nov 2019

TLP Rating: White

Critical vulnerability in Microsoft remote desktop services

Updated from 15 May 2019  

Earlier this year, Microsoft published patches for a critical vulnerability in remote desktop services. This vulnerability affects older versions of Windows, including versions that are out of support. 

Security researchers report that this vulnerability is now being actively exploited. Reports state attackers are using the Bluekeep exploit to compromise unpatched systems and install a cryptocurrency miner. 

CERT NZ strongly recommends users of the affected Microsoft products to follow the mitigation advice in this advisory.