CyberNews Briefs

US Govt Achieves BlueKeep Remote Code Execution, Issues Alert

The Cybersecurity and Infrastructure Security Agency (CISA) is urging users to patch the highly critical BlueKeep security flaw (CVE-2019-0708) that impacts Remote Desktop Protocol (RDP) implementations on older Windows operating systems. The agency, which operates under Department of Homeland Security oversight, issued the alert after achieving remote code execution on a vulnerable Windows 2000 machine.

Earlier this month, the National Security Agency (NSA) also issued a warning about BlueKeep. Microsoft released a patch for the flaw on May 14, and issued a second alert about it earlier this month after research suggested that close to a million devices remained vulnerable. BlueKeep is a very dangerous flaw because it could be used by threat actors to carry out a massive attack involving a worm, i.e. self-replicating malicious code, just like the 2017 global WannaCry outbreak.

Read more: US Govt Achieves BlueKeep Remote Code Execution, Issues Alert

 

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.