Before starting with the measures, we will discuss BlueKeep. It is a bug or a vulnerability that attacks systems and makes the workings tough. This bug has kept many researchers up at night. Researchers have a threat from BlueKeep. It can control systems and lock them. The same issue was faced when two viruses namely, WannaCry and NotPetya were spread unconditionally and locked several systems. Unlike any other bugs, these are the most dangerous ones.
BlueKeep has the highest degree of threat for which Microsoft is the first one to work hard for users to apply patches.
New Release – CANVAS 7.23: This release features a new module for the RDP exploit, BLUEKEEP. Check out our video demonstration here: https://t.co/azCuJp1osI #bluekeep #cve20190708 #exploit
— Immunity Inc. (@Immunityinc) July 23, 2019
A warning has been issued for the effects of BlueKeep vulnerability. The DHS, NSA, the UK’s National Cyber Security Centre, and a few other countries are working on the exploit for this bug.
Moving ahead, it was hard for the researchers to believe that such malware existed. They simply didn’t want to believe that this existed as this is the most harmful vulnerability to date.
However, Immunity, which is a long-time US government contractor, made an announcement n the development of an exploit to fight against BlueKeep. This was included in its penetrating testing toolkit CANVAS. This is available only to the users who will pay a specific amount to get the protection against BlueKeep.
Questions are being raised for this decision of Immunity but the Company sticks to the decision firmly.
According to Aitel, BlueKeep is accessible by all the good as well as the bad guys. There is a chance of misusing the vulnerability. Therefore, Aitel insists to take immediate actions before the bad guys take over. Aitel also insists upon the usage of a working exploit which is just like ye one established by his researchers.
References:
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt
Laila Azzahra is a professional writer and blogger that loves to write about technology, business, entertainment, science, and health.