Cyber Alert: Microsoft BlueKeep (CVE-2019-0708) Vulnerability

September 9, 2019

 hero Image

Update for Microsoft BlueKeep (CVE-2019-0708) Vulnerability

 

Please take notice that on Friday, September 6th, 2019, the Metasploit Project added an exploit module for the vulnerability known as BlueKeep (CVE-2019-0708). 

Unlike the previous publicly released BlueKeep exploits, the recent release allows for remote-code execution. Although there are no reported attacks in the wild at this time, the Align team expects exploit attempts imminently. 

BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the following Microsoft Windows Operating Systems:

  • Windows 2000
  • Windows Vista
  • Windows XP
  • Windows 7
  • Windows Server 2003
  • Windows Server 2003 R2
  • Windows Server 2008
  • Windows Server 2008 R2

According to Microsoft, an attacker can send specially crafted packets to one of these operating systems that has RDP enabled. BlueKeep is considered “wormable” because malware exploiting this vulnerability on a system could propagate to other vulnerable systems; thus, a BlueKeep exploit would be capable of rapidly spreading in a fashion similar to the WannaCry malware attacks of 2017.

Security Recommendations

For more information, please contact Align Managed Services via email cyber@align.com.

- The Align Managed Services Team
cyber@align.com
www.align.com
www.align.com/support

Tags: Cybersecurity