An anonymous reader quotes a report from ZDNet: Connected medical devices are twice as likely to be vulnerable to the BlueKeep exploit than other devices on hospital networks, putting patients and staff at additional risk from cyber attacks. This is especially concerning when healthcare is already such a popular target for hacking campaigns. BlueKeep is a vulnerability in Microsoft’s Remote Desktop…
Tag: bluekeep
A Widespread BlueKeep ‘Exploit’ Is Targetting Unpatched Windows 7/XP Computers
An anonymous reader quotes Forbes:
When Microsoft issued the first patch in years for Windows XP in May 2019, you knew that something big was brewing. That something was a wormable Windows vulnerability that security experts warned could have a similar impact as the WannaCry worm from 2017. The BlueKeep vulnerability exists in unpatched versions of Windows Server 2003, Windows XP, Windows…
Exposed RDP Servers See 150K Brute-Force Attempts Per Week
Slashdot reader Cameyo shares a report from TechRepublic: Remote Desktop Protocol (RDP) is — to the frustration of security professionals — both remarkably insecure and indispensable in enterprise computing. The September 2019 Patch Tuesday round closed two remote code execution bugs in RDP, while the high-profile BlueKeep and DejaBlue vulnerabilities from earlier this year have sent IT professionals in a patching…
Windows Update To Fix Critical ‘Wormable’ Flaws May Break VB Apps
“This week’s Windows updates fix critical ‘wormable’ [Bluekeep] flaws but may also break Visual Basic apps, macros, and scripts,” warns ZDNet: “After installing this update, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an ‘invalid procedure…
Penetration Testing Toolkit Includes Exploit For ‘Incredibly Dangerous’ Bluekeep Vulnerability
An anonymous reader quotes Vice: In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been unsupported) for five years. That vulnerability is known as BlueKeep, and it has kept a lot of security…
Large ‘GoldBrute’ RDP Botnet Hunts For Exposed Servers With Weak Passwords
The Internet Storm Center reports:
RDP, the remote desktop protocol, made the news recently after Microsoft patched a critical remote code execution vulnerability (CVE-2019-0708). While the reporting around this “Bluekeep” vulnerability focused on patching vulnerable servers, exposing RDP to the Internet has never been a good idea. Botnets have been scanning for these servers and are using weak and reused passwords to…