uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites,’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.


Trending CVEs for the Week of May 20th, 2019

CVE-2019-0708 – BlueKeep – Wormable RDP Vulnerability

NopSec advises you to apply patches immediately.


CVE-2019-0708 is a critical remote code execution vulnerability which exist in Remote Desktop Services – formerly known as Terminal – when an unauthenticated attacker connects to the target system using Remote Desktop Protocol (RDP).

Affected Operating Systems

  • Windows 2003
  • Windows XP
  • Windows 7
  • Windows Server 2008
  • Windows Server 2008 R2

Exploitation and Risk

It has been noted that the security flaw is “wormable”, meaning an exploit can be used to infect other devices on far more networks, There is a high chance of a spreading due to systems using default passwords or no passwords.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.

According to the Microsoft Advisory, the issue was serious enough that it led to Remote Code Execution and was wormable flaw, meaning it could spread automatically on unprotected systems. That is why Microsoft released patches even for  out-of-the support versions Windows 2003 & XP.


Due to the severity of CVE-2019-0708, we suggest you to apply patches immediately from Microsoft Security Guide.

If you can’t apply the patch immediately, you can take the following steps:

  • Disable RDP from outside of your network and limit it internally, if not required
  • Block TCP port 3389 at the firewall
  • Enable Network Level Authentication (NLA)

However, NopSec strongly suggests you to apply patches immediately.


Microsoft Security Advisory

National Vulnerability Database

Bleeping Computer

Schedule a Product Demo Today!

See how NopSec's security insights and cyber threat exposure management platform can organize your security chaos.