For many months, security researchers have been warning the public release of BlueKeep code, a worm that exploits vulnerabilities in earlier versions of Windows. The worm can spread from computer to computer as the worm did WannaCry Two years ago.
Χθες Παρασκευή, το Metasploit framework - ένα tool open source code used by white and black hat hackers, added a module containing the exploit. So right now it's out there, ready for attacks.
The new module, published for development on Github, does not yet have the credibility of the EternalBlue exploit developed by the NSA and later used in WannaCry.
For example, if users using the new module specify an incorrect version of Windows that they want to attack, they are likely to see a BSOD on their computer.
For the exploit to work on servers it requires some changes to the default settings in the form of a amendments in registry which enables audio sharing.
Instead, with the EternalBlue exploit - released by the team Shadow Brokers in April at 2017 - it cannot work seamlessly on a wide range of Windows versions and their default settings.
One month after the leak, the EternalBlue released as Wannacry ransomware and hit computers worldwide.
As mentioned earlier, Metasploit developers have added this exploit to the penetration test tool, but it doesn't seem to be as flexible as the EternalBlue exploit. But it is still quite effective.
Microsoft has already warned several times for a Windows error, which could lead to another WannaCry
The defect has been registered as CVE-2019-0708 και είναι γνωστό με το όνομα BlueKeep, βρίσκεται σε προηγούμενες εκδόσεις των υπηρεσιών Remote desktop και επηρεάζει τα συστήματα Windows 2003, XP, Vista 7, Server 2008 R2 και Server 2008.
If you have any of the above systems, update your computers immediately.