Twitter | Search | |
This is the legacy version of twitter.com. We will be shutting it down on 15 December 2020. Please switch to a supported browser or device. You can see a list of supported browsers in our Help Center.
Christiaan Beek
CVE-2019-0708 - After many hours was able to get a working PoC for this. We are not going to reveal technical details or release code. We urge everyone to PATCH - it is really nasty..
Reply Retweet Like More
Kevin Beaumont 18 May 19
did you get RCE?
Reply Retweet Like
Christiaan Beek 18 May 19
Yes absolutely
Reply Retweet Like
ComplianceSecurity Commander 18 May 19
Is enabling NLA effective at blocking the exploit?
Reply Retweet Like
Christiaan Beek 18 May 19
We did not test that but disabling RDP and applying the patch works
Reply Retweet Like
Steve Walsh 18 May 19
One of asks from my team is people looking for IOCS and signatures.... Understanding that there is no in the wild malware. Can you share insight into anything we could watch for other than usage of port 3389
Reply Retweet Like
Christiaan Beek 18 May 19
It is related to RDP. If no need please disable it and patch in case. No direct RDP access from outside and limit internal RDP only if you have executed the patch.
Reply Retweet Like
/dev/fd0 ©️®️™️ ⭕️ RCX 19 May 19
best patch would be to replace with or 😎
Reply Retweet Like
Christiaan Beek 19 May 19
Replying to @fd0_nl @jedisct1 and 6 others
😂👍
Reply Retweet Like
Giorgio Fedon 🕸️ 19 May 19
On Which OS versions is exploit working? Because it’s extremely hard under Windows2008r2
Reply Retweet Like
Christiaan Beek 19 May 19
Replying to @n0def @ValthekOn and 5 others
Ours is working on Windows XP
Reply Retweet Like