An existing critical vulnerability in Windows has seen an increase in exploitation by an attack known as BlueKeep (CVE-2019-0708).
The BlueKeep vulnerability is a high severity wormable security flaw in Microsoft’s Remote Desktop Services. The BlueKeep vulnerability was recently seen being exploited to install ransomware in systems in Spain.
The BlueKeep vulnerability affects a large number of Windows operating systems, from Windows 2000 all the way up to Windows 10. An attacker who successfully exploits this vulnerability can perform remote code execution on an unprotected system and potentially plant any type of malware, including cryptojacking payloads or ransomware.
*Ensure your Windows machines are patched with the latest updates.
*Configure Remote Desktop Services with Network Level Authentication
*Don’t expose RDP to the outside world unless the system is patched.