Information Security News mailing list archives
Homeland Security has tested a working BlueKeep remote code execution exploit
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 18 Jun 2019 07:13:39 +0000 (UTC)
https://techcrunch.com/2019/06/17/cisa-bluekeep-working-exploit/ By Zack Whittaker TechCrunch June 17, 2019Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device.
To date, most of the private exploits targeting BlueKeep would have triggered a denial-of-service condition, capable of knocking computers offline. But an exploit able to remotely run code or malware on an affected computer — an event feared by government — could trigger a global incident similar to the WannaCry ransomware attack in 2017.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed in an alert Monday it had used BlueKeep to remotely run code on a Windows 2000 computer.
Windows 2000 was not included in Microsoft’s advisory. A spokesperson for CISA said the agency “coordinates with external stakeholders to validate vulnerabilities.”
[...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Homeland Security has tested a working BlueKeep remote code execution exploit InfoSec News (Jun 18)