BlueKeep is a vulnerability in the Microsoft Remote Desktop Protocol service, impacting Windows 7, Windows Server 2008 R2 and Windows Server 2008. Although patches have been available since May 2019 and many organisations have issued security alerts (including the German Federal Office for Information Security), it is estimated that roughly 700,000 Internet-connected, vulnerable Windows systems have not yet been patched.
At the beginning of November, BlueKeep was widely exploited for the first time. It was used to spread cryptocurrency miners, but in many cases the attack failed and crashed the infected systems. However, the vulnerability has the potential to be exploited in a much more sophisticated and harmful way to create self-spreading (wormable) malware. Users of vulnerable devices are again urged to patch their systems, because this might be just the calm before the storm.