All organizations with Windows infrastructures should make sure their systems are patched to current versions, Rapid7 suggests.
An exploit for BlueKeep, a vulnerability in Microsoft's Remote Desktop Protocol (RDP) that can allow remote code execution, is the subject of the latest pull request of Metasploit, the open source exploit framework widely used by security researchers.
BlueKeep, designated CVE-2019-0708, affects Windows versions from 2000 through Server 2008 R2 and Windows 7. A related vulnerability, DejaBlue, is present in these versions as well as newer Windows versions through Windows 10.
A blog post at Rapid7, the security company that maintains Metasploit in conjunction with the open source community, notes that RDP attacks went up dramatically following the initial BlueKeep release, though the overall level of such activity is below what it initially expected. The company suggests that all organizations with Windows infrastructures make sure their systems are patched to current versions.
The BlueKeep exploit module for Metasploit is available on GitHub.
For more, read here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "Phishers' Latest Tricks for Reeling in New Victims."
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024