All organizations with Windows infrastructures should make sure their systems are patched to current versions, Rapid7 suggests. An exploit for BlueKeep, a vulnerability in Microsoft’s Remote Desktop Protocol (RDP) that can allow remote code execution, is the subject of the latest pull request of Metasploit, the open source exploit framework widely used by security researchers.
The lack of an attack has puzzled some security experts, but the general advice remains that companies should patch their vulnerable systems more quickly. When Microsoft originally issued an alert for a remotely exploitable software flaw in mid-May, security firms immediately drew analogies between the danger posed by the so-called “BlueKeep” vulnerability and the destruction
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says. New Internet scan data shows that if an exploit for the BlueKeep RDP vulnerability disclosed in May were to become publicly available this week, more than 800,000 systems would be at immediate risk of compromise. The
One month after Microsoft disclosed the flaw, nearly 1 million systems remain unpatched, and Internet scans looking for vulnerable systems have begun increasing. The BlueKeep RDP vulnerability continues to be a ticking time bomb one month after Microsoft publicly disclosed the flaw. New research from security vendor BitSight shows that close to 1 million systems
The National Security Agency joins Microsoft in urging Windows admins to patch ‘wormable’ bug CVE-2019-0708. The National Security Agency has issued a release and advisory pushing Microsoft Windows administrators to patch “BlueKeep” (CVE-2019-0708), a critical remote code execution bug in Remote Desktop Services (RDS) on supported and unsupported versions of Windows. BlueKeep affects Windows 7,
Fearing another worm of WannaCry severity, Microsoft warns vulnerable users to apply the software update for CVE-2019-0708. Microsoft’s Security Response Team (MSRC) is warning organizations to patch BlueKeep (CVE-2019-0708), a critical remote code execution vulnerability it fixed earlier this month. The flaw is in Remote Desktop Services (RDS), formerly known as Terminal Services, and affects