Update: A proof of concept (POC) exploit of the deadly RDP vulnerability has been shown to trigger blue screens of death on Windows XP and Windows Server 2003 machines.
Two POCs were described as accurate in an email to SC by the discoverer of the vulnerability, Luigi Auriemma.
A third which was circulating on Twitter was fake.
HackLabs penetration tester Jody Melbourne said tests of the Chinese POC had crashed Windows virtual machines.
A bounty for a working exploit has been posted on developer site Gun.IO, funded in part by Metasploit creator HD Moore.
Auriemma said in a tweet that the packet stored in the Chinese rdpclient.exe POC was the "exact one" which he submitted to the Zero Day Initiative.
Some researchers said the source was the Microsoft's Active Protections Program.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.