BlueKeep exploit released into the wild
The infamous BlueKeep vulnerability has now been weaponised, with security researchers at the Rapid7-led Metasploit project releasing an exploit for the Windows vulnerability into the wild.
The exploit, which Rapid7 said was released to allow defenders to mitigate the risk of BlueKeep-based exploits, is capable of achieving arbitrary code execution within the 64-bit versions of Windows 7 and Windows Server 2008 R2.
“One of the drivers in our releasing the exploit code today as a PR on Metasploit Framework is to enlist the help of the global developer and user community to test, verify and extend reliability across target environments,” Rapid7 said in a post detailing its motivations.
“As an open-source project, one of Metasploit’s guiding principles is that knowledge is most powerful when shared. Democratic access to attacker capabilities, including exploits, is critical for defenders — particularly those who rely on open-source tooling to understand and effectively mitigate risk.”
While this is not the first successful proof-of-concept exploit for the BlueKeep vulnerability, it is the first to have been released into the wild.
The exploit does have some limitations, including a need to manually input specific target details before further exploitation is attempted.
In the wake of the release of the exploit, the Australian Cyber Security Centre reiterated its advice for users of older versions of Windows to update their systems as soon as practically possible with Microsoft’s BlueKeep vulnerability patch.
The ACSC is also urging Windows users to deny access to RDPs directly from the internet, and to use a VPN if RDPs are required.
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
Failing to provide IT employees with quality training can cause significant costs for businesses,...
The Australian Government is seeking feedback on a new cybersecurity strategy to help businesses...
Microsoft has announced a new single end of support date for the tools within the Microsoft...