Someone just revealed the tricky kernel heap spray part
Vital clues on how to exploit the notorious Windows RDP bug, aka CVE-2019-0708 aka BlueKeep, and hijack vulnerable boxes, emerged online this week.
The growing number of hints can be used by folks to develop working code that attacks Microsoft's Remote Desktop Services software, on Windows XP through to Server 2008, and gains kernel-level code execution without any authentication or user interaction. You just need to be able to reach a vulnerable RDP server across the network or internet.
Such an intrusion would give an attacker full control of a machine. So far, publicly available proof-of-concept exploit code mostly crashes vulnerable systems, rather than commandeer boxes. It's feared that publicly shared, working, and reliable remote code-execution exploits, built from the aforementioned hints and tips, will be used to create a worm that can move ..
Support the originator by clicking the read the rest link below.
