Microsoft warns of Windows BlueKeep attacks
BlueKeep is an unauthenticated remote code execution flaw that affects most commonly used Microsoft products.
The Microsoft Defender ATP Research Team recently released a statement that the BlueKeep attacks discovered on November 2 are, in essence, connected to a public campaign that has been mining cryptocurrency since September, using the same command and control (C2) server infrastructure.
BlueKeep is an unauthenticated remote code execution vulnerability affecting most commonly used Microsoft products such as Remote Desktop Services on Windows 7, Windows Server 2008 and Windows Server 2008 R2. The patch was released by the company on May 14.
However, this vulnerability is showing signs of returning with a series of newly recorded reports, prompting the Microsoft Defender ATP Research Team to issue a notice calling on users to immediately deploy patches on Windows systems that are vulnerable to BlueKeep.
Microsoft forecasts that hackers will take advantage of BlueKeep to deploy more dangerous and complex attacks in the near future: "BlueKeep will be used by hackers as a factor to help deploy more malicious and more efficient payloads, thus causing greater damage than when it was abused by the previous cryptocurrency miners."
After collecting and analyzing Indicators of Compromise (IoC) and other related data, Microsoft security researchers found that an earlier cryptocurrency mining operation in September was closely tied to the same C2 server infrastructure used in the BlueKeep Metasploit campaign in October. This shows that the hackers first orchestrated cryptocurrency mining attacks and eventually combined them with BlueKeep to deploy more sophisticated malicious activities.
BlueKeep will remain a threat until users install the latest patch and the overall security situation is strictly controlled.
You can visit the address below to find more information about security patches released by Microsoft to deal with current security vulnerabilities, including BlueKeep: