The Reimage Blog
Posted in Privacy and Security on November 8, 2019

Microsoft warns users to stay alert for more BlueKeep attacks

Posted By Kerry.Hershey

Microsoft: BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners.

Microsoft’s security team believes that more destructive BlueKeep attacks are on the horizon and urges users and companies alike to apply patches if they’ve been lagging.

The company’s warning comes after security researchers detected the first-ever malware campaign that weaponized the BlueKeep vulnerability.

The attacks, which were detected last weekend, used BlueKeep to break into unpatched Windows systems and install a cryptocurrency miner.

Many security researchers considered the attacks underwhelming and not living up to the hype that was built around BlueKeep for the past six months.

This was because Microsoft said BlueKeep could be used to build wormable (self-spreading) malware. However, the attacks that happened over the weekend did not deploy malware that could spread on its own.

Instead, attackers scanned the internet for vulnerable systems and attacked each unpatched system, one at a time, deploying a BlueKeep exploit, and then the cryptocurrency miner.

This was far from the self-spreading malware outbreak that Microsoft said BlueKeep could trigger. Furthermore, in many cases, the BlueKeep exploit failed to work, crashing systems.

But Microsoft says this is just the beginning, and that attackers will eventually refine their attacks, and that the worst is yet to come.

“While there have been no other verified attacks involving ransomware or other types of malware as of this writing, the BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners,” Microsoft said today. “We cannot discount enhancements that will likely result in more effective attacks.”

Now, Microsoft is warning and urging users to apply patches — for the third time this year.

“Customers are encouraged to identify and update vulnerable systems immediately,” the company said. “Many of these unpatched devices could be unmonitored RDP appliances placed by suppliers and other third-parties to occasionally manage customer systems. BlueKeep can be exploited without leaving obvious traces, customers should also thoroughly inspect systems that might already be infected or compromised.”

THE BLUEKEEP LOWDOWN

Because there’s been a flood of BlueKeep-related coverage this year, below is a summary of what you need to know. Just the essentials:

  • BlueKeep is a nickname given to CVE-2019-0708, a vulnerability in the Microsoft RDP (Remote Desktop Protocol) service.
  • BlueKeep impacts only: Windows 7, Windows Server 2008 R2, Windows Server 2008.
  • Patches have been available since mid-May 2019. See official Microsoft advisory.
  • On the same day it released patches, Microsoft published a blog post warning about BlueKeep being wormable.
  • Microsoft issued a second warning about orgs needing to patch BlueKeep, two weeks later, at the end of May.
  • The US National Security Agency, the US Department of Homeland Security, Germany’s BSI cyber-security agency, the Australian Cyber Security Centre, and the UK’s National Cyber Security Centre have all issued their own security alerts, trying to get companies to patch outdated computer fleets.
  • Many security researchers and cyber-security firms developed fully-working BlueKeep exploits over the summer; however, nobody published the code after realizing how dangerous the exploit was, and fearing that it could be abused by malware authors.
  • In July, a US company started selling a private BlueKeep exploit to its customers, so they could test if their systems were vulnerable.
  • In September, the developers of the Metasploit penetration testing framework published the first public BlueKeep proof-of-concept exploit.
  • In late October, malware authors started using this BlueKeep Metasploit module in a real-world campaign. Microsoft has published an article about this malware campaign.
  • According to BinaryEdge, there are roughly 700,000 internet-connected Windows systems that are vulnerable to BlueKeep, and have yet to receive patches.


Source: https://www.zdnet.com/article/microsoft-warns-users-to-stay-alert-for-more-bluekeep-attacks/

