A proof-of-concept remote code execution (RCE) exploit for the BlueKeep vulnerability has been demoed by security researchers from McAfee Labs. Microsoft issued a security fix on May 14 to patch the critical vulnerability on both out-of support and in-support Windows versions. McAfee’s research team published a video demo of a working RCE PoC created after examining Microsoft’s patch to show how BlueKeep can be used to launch the calculator program after exploitation. The flaw can be partially mitigated by enabling Network Level Authentication (NLA) for Remote Desktop Services Connections.
Source: https://www.bleepingcomputer.com/news/security/researchers-demo-poc-for-remote-desktop-bluekeep-rce-exploit/