BlueKeep exploit released by Metasploit team


The Metasploit developers have released a weaponized exploit for the BlueKeep Windows vulnerability.

In the past, other security researchers released only defanged BlueKeep proof-of-concept code. According to the infosec professionals who reviewed this Metasploit module, the exploit is quite advanced and can achieve code execution on remote systems.

BlueKeep concept

BlueKeep is also known as CVE-2019-0708. It is a vulnerability in the Remote Desktop Protocol (RDP) service in older versions of the Windows operating system, such as Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows 2003, and Windows XP.

In May 2019, BlueKeep was patched by Microsoft. The Patch Tuesday security fixes were released on 14th May, and users were warned to apply them immediately.

The OS maker described BlueKeep as a “wormable” vulnerability to spur users into quick patching. Such a vulnerability can be used to self-propagate, much as the EternalBlue exploit helped the WannaCry ransomware spread to several computers in 2017.

The cybersecurity community has been holding its breath for the release of a weaponized BlueKeep exploit, afraid that it would be abused in the same way and power a malware outbreak at the global level.

Microsoft has repeatedly told users to apply patches. The US Department of Homeland Security, the US National Security Agency (NSA), Germany’s BSI cyber-security agency, the UK’s National Cyber Security Centre, and the Australian Cyber Security Centre have issued security alerts urging users to patch older Windows versions. BlueKeep exploits have been developed by multiple cybersecurity researchers and security firms, but none of them released the code, for fear of the consequences.

The infosec community first became alarmed in July, when the cybersecurity company Immunity Inc. started selling a private BlueKeep exploit. That exploit has always remained private.