Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Homeland Security has tested a working BlueKeep remote code execution exploit

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 18 Jun 2019 07:13:39 +0000 (UTC)
https://techcrunch.com/2019/06/17/cisa-bluekeep-working-exploit/

By Zack Whittaker
TechCrunch
June 17, 2019
Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device.
To date, most of the private exploits targeting BlueKeep would have triggered a denial-of-service condition, capable of knocking computers offline. But an exploit able to remotely run code or malware on an affected computer — an event feared by government — could trigger a global incident similar to the WannaCry ransomware attack in 2017.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed in an alert Monday it had used BlueKeep to remotely run code on a Windows 2000 computer.
Windows 2000 was not included in Microsoft’s advisory. A spokesperson for CISA said the agency “coordinates with external stakeholders to validate vulnerabilities.” 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: