A Windows BlueKeep Exploit Is Now Commercially Available
Immunity Inc., an IT security consulting company, announced that a BlueKeep Exploit will now be included in CANVAS – the company’s commercially available security penetration-testing tool.
BlueKeep is a security vulnerability that affects Windows 7, Windows 2003, Windows XP, Windows Server 2008 R2, and Windows Server 2008. Also known as CVE-2019-0708, the flaw allows attackers to exploit Remote Desktop Protocol (RDP) in order to execute code on a victim’s computer without their permission. After infiltration, attackers are able to do everything from installing malicious software to stealing personal information. Microsoft patched the critical vulnerability on May 14th, 2019 through a security update, but cybersecurity company BitSight estimates that over 800 000 computers were still vulnerable as of July 2nd, 2019.
Chris Day, Chief Cybersecurity Officer of Immunity Inc.’s parent company Cyxtera, states that the BlueKeep Exploit included in their penetration kit is not self-propagating. This means that if a machine is compromised during security testing, the exploit cannot spread on its own to other machines on the network.
Immunity Inc. is not the only company to have developed proprietary BlueKeep exploits. For example, cybersecurity company McAfee similarly developed a working exploit. Reverse engineer Zǝɹosum0x0 did the same in June of this year. However, neither of these parties released details of their exploit, stating that a working exploit was too dangerous to make public.
How do you protect yourself against the BlueKeep Exploit?
The most effective way to protect yourself against BlueKeep exploits is to ensure that you are using a supported and up-to-date operating system. If you are using one of the affected operating systems listed above, it is essential that you have installed the Microsoft update issued on May 14th, 2019. Disabling Windows’ Remote Desktop Protocol on your PC and enabling Network Level Authentication will also make it more difficult for cyberattackers to infect your computer, but these measures do not provide absolute protection against BlueKeep attacks.
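
A read-only check of the three measures above on a single host, as an added example that is not part of the original article. The function name and the `KB0000000` placeholder are assumptions; the registry values read are the standard Windows Remote Desktop settings.

```powershell
# Added example: audits RDP state, NLA and the presence of a fix KB. Changes nothing.
# $FixKbIds is an assumption: take the KB numbers for your OS from Microsoft's
# CVE-2019-0708 advisory. 'KB0000000' is a placeholder, not a real update.
function Get-BlueKeepExposure {
    param([string[]]$FixKbIds = @('KB0000000'))

    $ts     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # A Group Policy value, when present, overrides the local setting,
    # so the policy key is consulted first.
    function Read-Setting([string]$Name, [string]$LocalPath) {
        foreach ($path in @($policy, $LocalPath)) {
            $item = Get-ItemProperty -Path $path -Name $Name -ErrorAction SilentlyContinue
            if ($item -ne $null) { return $item.$Name }
        }
        return $null   # value not set in either location
    }

    $deny = Read-Setting 'fDenyTSConnections' $ts                     # 0 = RDP allowed
    $nla  = Read-Setting 'UserAuthentication' "$ts\WinStations\RDP-Tcp" # 1 = NLA required

    # Installed updates as reported by the OS, matched against the supplied list.
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   ForEach-Object { $_.HotFixID })
    $matched   = @($FixKbIds | Where-Object { $installed -contains $_ })

    $rdpEnabled = ($deny -eq 0)

    # New-Object is used instead of [pscustomobject] so the function also
    # runs on the PowerShell 2.0 that ships with Windows 7 / Server 2008 R2.
    New-Object PSObject -Property @{
        ComputerName = $env:COMPUTERNAME
        RdpEnabled   = $rdpEnabled
        NlaRequired  = ($nla -eq 1)
        MatchedKbs   = $matched
        # RDP reachable and no listed fix found: patch level must be confirmed.
        # NLA alone does not clear this flag, since it only raises the bar.
        NeedsReview  = ($rdpEnabled -and ($matched.Count -eq 0))
    }
}

Get-BlueKeepExposure | Format-List
```

A later cumulative rollup can contain the fix without its May 2019 KB number appearing in `Get-HotFix`, so an empty `MatchedKbs` means the patch level needs checking by hand, not that the host is unpatched.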