![]() Microsoft themselves did not release any information about BlueKeep to companies that are part of its MAPP program – other than a request that everyone install the update with minimal delay. The development of this exploit came about as the result of an arduous process of reverse-engineering the patch released by Microsoft in May to examine what it was trying to fix. It also doesn’t require an active session on the target. The exploit works in a completely fileless fashion, providing full control of a remote system without having to deploy any malware. BlueKeep affects computers running Windows XP, Windows 7, Windows Server 2003, and Windows Server 2008. We hope this video convinces individuals and organizations who still haven’t patched that the BlueKeep vulnerability is a serious threat. ![]() In light of several reports showing that the number of unpatched RDP servers on the internet is still very high, despite warnings by experts and government agencies, we recorded a video that shows a proof-of-concept BlueKeep attack using an exploit developed by Christophe Alladoum of SophosLabs’ Offensive Research team.
0 Comments
Leave a Reply. |