Researchers with Sophos have developed a Proof-of-Concept (PoC) for the highly critical BlueKeep security flaw (CVE-2019-0708) that impacts Remote Desktop Protocol (RDP) implementations on older Windows operating systems. The exploit would enable attackers to take over hundreds of thousands of devices that are still thought to be vulnerable even though Microsoft released a patch for the flaw on May 14.
Last month, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about BlueKeep after it exploited the flaw on a vulnerable Windows 2000 machine. Warnings have also been issued by Microsoft and the National Security Agency (NSA).