Microsoft Operating Systems BlueKeep Vulnerability

  • CERT Admin
  • Mon Jun 24 2019
  • Alerts

Systems Affected
  ✦  Windows 2000
  ✦  Windows Vista
  ✦  Windows XP
  ✦  Windows 7
  ✦  Windows Server 2003
  ✦  Windows Server 2003 R2
  ✦  Windows Server 2008
  ✦  Windows Server 2008 R2

Threat Level

High

Overview 

An attacker can exploit this vulnerability to take control of the system (CVE-2019-0708).

Description 

The 'BlueKeep' vulnerability exists within the Remote Desktop Protocol (RDP) used by Microsoft Windows operating systems. An attacker can exploit this vulnerability to perform remote code execution on an unprotected system.

An advisory from Microsoft confirmed that an attacker can send specially crafted packets to one of the above operating systems that has RDP enabled. 'BlueKeep' is considered wormable, since exploitation of one system could propagate to other vulnerable systems, following the same pattern as the WannaCry malware.
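
A local check for the two preconditions described above (an affected Windows release and RDP enabled), added here as an example; it is not part of the original advisory or of Microsoft's guidance. The function names are hypothetical, and the script does not test whether the security update is installed.

```powershell
# Added example. Written for PowerShell 2.0+ so it also runs on the older
# releases in the "Systems Affected" list.
$AffectedProducts = @(
    'Windows 2000', 'Windows XP', 'Windows Vista', 'Windows 7',
    'Windows Server 2003',   # also matches "Windows Server 2003 R2"
    'Windows Server 2008'    # also matches "Windows Server 2008 R2"
)

function Test-AffectedProduct {
    param([string]$Caption)
    # Captions can carry trademark marks, e.g. "Microsoft(R) Windows(R) Server 2003".
    $clean = $Caption -replace '\(R\)|\(TM\)|[\u00AE\u2122]', ''
    foreach ($name in $AffectedProducts) {
        # Word boundaries keep "Windows 7" from matching other version numbers.
        if ($clean -match ('\b' + [regex]::Escape($name) + '\b')) { return $true }
    }
    return $false
}

function Test-RdpEnabled {
    # fDenyTSConnections = 0 means Remote Desktop connections are accepted.
    # A Group Policy value, when present, overrides the local setting.
    $paths = @(
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services',
        'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    )
    foreach ($path in $paths) {
        $item = Get-ItemProperty -Path $path -Name fDenyTSConnections -ErrorAction SilentlyContinue
        if ($item -ne $null) { return ($item.fDenyTSConnections -eq 0) }
    }
    return $false   # value absent in both locations: treated as not enabled
}

$caption  = (Get-WmiObject -Class Win32_OperatingSystem).Caption
$affected = Test-AffectedProduct $caption
$rdp      = Test-RdpEnabled

# One summary object per host; NeedsAttention is true only when both
# preconditions from the advisory hold.
New-Object PSObject -Property @{
    Computer       = $env:COMPUTERNAME
    OS             = $caption.Trim()
    AffectedOS     = $affected
    RdpEnabled     = $rdp
    NeedsAttention = ($affected -and $rdp)
}
```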

Impact 

  ✦  Adding accounts with full user rights
  ✦  Data modifications
  ✦  Installing unwanted programs and applications

Solution/ Workarounds 

  ✻  Update to the latest version of Mozilla Firefox on Windows, Linux and Mac.

References 

  ✦  Microsoft Security Advisory for CVE-2019-0708
  ✦  White House Press Briefing on the Attribution of the WannaCry Malware Attack to North Korea
  ✦  Microsoft Customer Guidance for CVE-2019-0708

Disclaimer 

The information provided herein is on "as is" basis, without warranty of any kind.
 

Last updated: Mon Jun 24 2019