Microsoft's security team believes BlueKeep's most destructive attacks are coming and encourages users and companies to install updates if they haven't done so yet.
The company's warning came when security investigators discovered the first malware campaign using BlueKeep's vulnerability.
The attacks, which were discovered last weekend, were using BlueKeep to break into Windows systems that had not been updated and to install a cryptocurrency miner.
Many security researchers have underestimated the attacks and have not considered the campaign BlueKeep has been using for the past six months as a campaign that could lead to major disasters.
This is because although Microsoft announced that BlueKeep could be used to build worm (self-spreading) malware, the attacks that occurred during duration over the weekend did not show a malware that could spread itself.
Attackers were scanning the internet for vulnerable systems and attacks were made on each system that had not been updated, one at a time, using a BlueKeep exploit, and then installing a cryptocurrency miner.
This, of course, is not similar to the catastrophic outbreak that Microsoft reported could cause BlueKeep. In addition, in many cases the BlueKeep exploit failed to work, but it destroyed the systems.
But Microsoft continues to say that this is only the beginning, and that the attackers will perfect their attacks. The company says the worst is coming.
“While there have been no other confirmed ransomware attacks or other types of malware to date, the BlueKeep exploit will likely be used to delivery malware more damaging than miners”, said today Microsoft.
So Microsoft is encouraging users (for the third time this year) to install the updates they release immediately.