As BlueKeep Vulnerability is out there in the wild, many have left it unaddressed due to its gentle approach to date. This was warned to be dangerous anytime and to keep oneself safe from it, is to check if they’re vulnerable or not. Here’s a new tool that scans the RDP of your system to explore BlueKeep’s vulnerability.
BlueKeep Vulnerability (referred to as CVE-2019-0708), is a security issue that was discovered in the Remote Desktop Protocol (RDP), a feature developed by Microsoft for network communications. This RDP uses the TCP port 3389 and UDP port 3389 for activating communications among systems in a network. As this port is open to the internet for connecting, it can be exploited to execute malicious code remotely.
Saving from this attack is the primary scanner from ESET, a Slovakian CyberSecurity firm that scans the system’s integrity and provides according to patches to secure. With no much commands, this executable software is easy to be deployed and scan.
The company said, “This is a single-purpose tool intended for personal use and is not intended to be deployed for mass use in an automated environment.”
How Hard It Is?
A recent known attack on this BlueKeep vulnerability is by a hacker group dumping malicious code remotely and trying to mine cryptocurrencies from the victim’s hardware. Though there were no hard instances to date, this vulnerability is considered potentially dangerous for greater hacks in the future.
Softwares as Windows 7, Windows Server 2008 R2 and Windows Server 2008 are potentially being targeted due to their outdated OS and no security updates. Not just limited to such older versions, this vulnerability is found active on the latest versions of Windows 10 as they too possess the RDP tech.
Microsoft has warned enough about this to its users, yet, hundreds of thousands of computers are still ready to be attacked as they haven’t yet patched their ports. One way to get away for this is to patch your systems with the latest update from Microsoft. Even before that, check whether your system is vulnerable to this or not.
Download the tool here and check: ESET Checker
Besides this, there are other tools as BKScan by NCC Group and RDP scanner by Robert Graham from Errata Security.