For many months, security researchers have been warning about the public release of exploit code for BlueKeep, a wormable vulnerability in earlier versions of Windows. A worm built on it could spread from computer to computer, as WannaCry did two years ago.
Yesterday, Friday, the Metasploit framework, an open source tool used by both white hat and black hat hackers, added a module containing the exploit. So right now it's out there, ready for attacks.
The new module, published for development on GitHub, does not yet have the reliability of the EternalBlue exploit developed by the NSA and later used in WannaCry.
For example, if users of the new module specify the wrong version of Windows for the system they want to attack, they are likely to trigger a BSOD on the target machine.
Using the exploit against servers also requires a change to the default settings, in the form of a registry modification that turns on audio sharing.
By contrast, the EternalBlue exploit, released by the Shadow Brokers group in April 2017, runs smoothly on a wide range of Windows versions with their default settings.
One month after the leak, EternalBlue was used in the WannaCry ransomware, which hit computers worldwide.
As mentioned earlier, the Metasploit developers have added this exploit to the penetration testing tool, and although it does not seem to be as flexible as the EternalBlue exploit, it is still quite effective.
Microsoft has already warned several times about this Windows flaw, which could lead to another WannaCry.
The flaw is registered as CVE-2019-0708 and is known as BlueKeep. It is found in earlier versions of Remote Desktop Services and affects Windows 2003, XP, Vista, 7, Server 2008 R2 and Server 2008.
If you have any of the above systems, update your computers immediately.