Microsoft Warns Users against BlueKeep RDP Flaw; Immediate Update Advised, Again!

Microsoft Warns Users against BlueKeep RDP Flaw; Immediate Update Advised, Again!

Microsoft has beseeched its users all over again to get
their systems updated because as it turns out hackers already have exploits of
the BlueKeep RDP flaw, already.

The patch has been fabricated for the “wormable” BlueKeep Remote
Desktop Protocol (RDP) vulnerability; therwise the hackers could easily
perform a “WannaCry” level attack.
The first warning was sent by Microsoft on May 14 when they’d
released a patch for another serious Remote Code Execution vulnerability,
CVE-2019-0708.
Successful exploitation of this vulnerability leads to the
hacker executing an arbitrary code on the windows machine and installing
programs.

 The term “Wormable” refers to the fact that any future
malware exploits could contagiously spread from one system to another.

According to sources, this vulnerability is of
pre-authentication type and needs no user interaction.
Any attacker who could easily exploit this vulnerability
could install programs, edit, and view or delete data and even create new
accounts with complete user rights.
Microsoft has a strong hunch that the cyber-cons already have
fully developed plans for exploiting the aforementioned vulnerability.

More than a million PCs are susceptible to these wormable,
BlueKeep RDP flaws.

A security researcher conducted RDP scan hunting for port
3389 used by Remote Desktop to find potentially and current vulnerable devices.

Major Anti-Virus brands such as Kaspersky, McAfee, Check
Point and Malware Tech developed a Proof-of-Concept (PoC) that would use the
CVE-2019-0708 to remotely execute the code on victim’s system.

So it happens, numerous corporate networks are under the
threat and are still vulnerable more than individuals are as more systems are
connected in a single network.
A single compromised system of a corporate network could put
the entire organization and its systems in danger.
The compromised device could be used as a gateway and as it’s
a “wormable” attack it could easily propagate across networks.
The most the users could do is keep their systems updated
and their security as tight as possible as future malware could also try hacking
back in.
·      Update
systems as soon as possible
·      Block
Remote Desktop Services if they are not in use
·      Block
TCP port 3389 at the Enterprise Perimeter Firewall
·      Apply
the patch to the vulnerable systems and devices that have RDP enabled

Share this with Your friends:

Leave a Reply

Your email address will not be published. Required fields are marked *