Itpa webheader

BlueKeep exploit released into the wild


By Dylan Bushell-Embling
Tuesday, 10 September, 2019


BlueKeep exploit released into the wild

The infamous BlueKeep vulnerability has now been weaponised, with security researchers at the Rapid7-led Metasploit project releasing an exploit for the Windows vulnerability into the wild.

The exploit, which Rapid7 said was released to allow defenders to mitigate the risk of BlueKeep-based exploits, is capable of achieving arbitrary code execution within the 64-bit versions of Windows 7 and Windows Server 2008 R2.

“One of the drivers in our releasing the exploit code today as a PR on Metasploit Framework is to enlist the help of the global developer and user community to test, verify and extend reliability across target environments,” Rapid7 said in a post detailing its motivations.

“As an open-source project, one of Metasploit’s guiding principles is that knowledge is most powerful when shared. Democratic access to attacker capabilities, including exploits, is critical for defenders — particularly those who rely on open-source tooling to understand and effectively mitigate risk.”

While this is not the first successful proof-of-concept exploit for the BlueKeep vulnerability, it is the first to have been released into the wild.

The exploit does have some limitations, including a need to manually input specific target details before further exploitation is attempted.

In the wake of the release of the exploit, the Australian Cyber Security Centre reiterated its advice for users of older versions of Windows to update their systems as soon as practically possible with Microsoft’s BlueKeep vulnerability patch.

The ACSC is also urging Windows users to deny access to RDPs directly from the internet, and to use a VPN if RDPs are required.

Image credit: ©stock.adobe.com/au/ArtemSam

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related News

Australians unprepared for digital and telehealth

Government has made digital and telehealth available through bulkbilling but Australians may...

All the world's top 500 supercomputers run Linux

All 500 of the world's fastest supercomputers use Linux, and nearly half are located in...

Microsoft launches Teams for Linux preview

Microsoft has launched a public preview of its Microsoft Teams collaboration app for Linux.


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd