Critical Security Vulnerability: CVE-2019-0708 BlueKeep

6 June 2019
The department was recently alerted to a critical security vulnerability called BlueKeep which may affect Windows remote desktop protocol.

BlueKeep affects Microsoft Windows systems such as Windows XP, Windows 2003, Windows Server 2008 and earlier versions and has the potential for unauthenticated and self-propagating remote code execution on vulnerable machines to have a detrimental impact on critical infrastructure.

Microsoft has released patches to address this vulnerability. Recommended action is to patch immediately.

Please contact your local IT team in the first instance or your IT Service Provider to initiate the patching.  Alternatively, you can refer to the document here, which outlines the details of the risk and includes the recommended immediate actions to mitigate these risks.