For dangerous BlueKeep vulnerability in Windows are arriving exploits

Last week, Microsoft released a patch that closes CVE-2019-0708 vulnerability (BlueKeep) that enables executing attacks, similar to WannaCry that affected thousands of computers worldwide.

The bug affects Remote Desktop Services, previously known as Terminal Services. Though the company did not fix attacks with the use of this vulnerability, a series of Internet-security experts confirmed that it could be exploited for remote code execution, and developed relevant PoC-exploits.

In particular, this fact confirmed Zerodium founder Chaouki Bekrar that specializes on sale and purchase of exploits. As he says, vulnerability works remotely without authorization and allows rising privileges on vulnerable platforms Windows Server 2008, Windows 7, Windows 2003 and XP.

The creation of working PoC-code reported security researcher with nickname Valthek, though he did not detail his exploit.

Security researcher Valthek announced that he was able to create proof-of-concept code that triggered the RDS bug

Security researcher Valthek announced that he was able to create proof-of-concept code that triggered the RDS bug

Code health confirmed McAfree specialist Christiaan Beek. Without going into technical nuances, Beek noted that PoC allowed remote code execution on Windows XP.

Christiaan Beek

Christiaan Beek

“After many hours @Valthek was able to get a working PoC for this. We are not going to reveal technical details or release code. We urge everyone to PATCH – it is really nasty…”, — reported Christiaan Beek.

According to him, vulnerability is linked with the Remote Desktop Protocol, so users are recommended disabling a protocol if it is not used and downloading a patch.

Microsoft specialists emphasize that there is the possibility that attackers will develop a working exploit for this vulnerability and add it to malware programs. So it is highly recommended for users to install a patch.

Source: https://www.bleepingcomputer.com

About the author

Sophia Zimmerman

High-quality tech & computer security copywriter, SEO editor & online marketing consultant

Leave a Comment