The BlueKeep vulnerability is found in Microsoft Windows; it is said to be as dangerous as WannaCry, so it is regarded as WannaCry 2.0. You should upgrade Windows immediately, since attackers can take remote control of your system by exploiting the BlueKeep flaw. Otherwise, your PC will be at risk from a global attack.

BlueKeep Is Dangerous

BlueKeep, CVE-2019-0708, is a security vulnerability discovered in the Remote Desktop Protocol of Microsoft Windows. Attackers can exploit this flaw to execute code remotely.

BlueKeep was first discovered in May 2019, and it can affect all Windows NT-based versions of Microsoft Windows. An unwitting person leaked this virus on one computer network; soon, BlueKeep spread rapidly across continents.

WannaCry 2.0

This Windows security vulnerability seems to be more dangerous than the WannaCry outbreak that occurred two years ago.

  • The WannaCry virus affected all walks of life in 2017: ATMs in India, Russian banks, hospitals in the UK, German railways, French car manufacturers, a mall in Singapore, etc.
  • More than 230,000 computers in at least 100 countries were infected within just a few hours.

This time, BlueKeep, regarded as WannaCry 2.0, puts almost a million Windows users at risk of a highly spreadable ransomware attack.

Warnings

  • Microsoft: Microsoft has issued multiple warnings and told users to update their operating systems, given the potential severity of BlueKeep. Microsoft rates the threat severity of BlueKeep at 9.8 out of 10.
  • Government agencies: many government agencies, including the US National Security Agency, the UK's National Cyber Security Centre, and the Australian Cyber Security Centre (ACSC), urge Windows users to install the Microsoft security patch as fast as they can. ACSC also warned that BlueKeep will bring significant and widespread harm throughout the world.
  • Sophos: engineers at the British cybersecurity company Sophos have demonstrated how cybercriminals can get full control of a Windows system remotely by using BlueKeep, without deploying any malware. Sophos also said that other companies have found at least one way to exploit the BlueKeep vulnerability.
  • McAfee: this well-known security software company pointed out that BlueKeep is harmful to many Windows systems (see details in the next section).

At present, there are still 805,665 devices vulnerable to the devastating BlueKeep flaw, according to the BitSight status update. And there will be more, since the exploit is "wormable", which means that attackers can easily spread malware to other systems once they have access to one system.

Are You Safe

McAfee urges users to install the patch for BlueKeep if they are running Windows 2003, Windows XP, Windows 7, Windows Server 2008 or Windows Server 2008 R2, which are at high risk. Windows 8 and Windows 10 users don't need to worry, since the virus will not affect them.

By taking advantage of BlueKeep, cybercriminals can get access to your system easily; then they can execute code remotely to install programs (such as a keyboard recorder or ransomware) in order to steal your private data.

Advice from the Australian Cyber Security Centre

BlueKeep is a ticking time bomb, so ACSC offers the following advice:

  • Patch, patch, patch, monitor your networks, and then patch some more.
  • Vulnerable Windows users should deny direct access to the Remote Desktop Protocol (RDP) from the internet and use a VPN with multifactor authentication whenever internet-based access to RDP is needed.

"The BlueKeep vulnerability is readily available to cyber criminals who seek to exploit vulnerable systems en masse. These criminal groups are not necessarily targeting unsuspecting users; they're simply sweeping the landscape for vulnerable, outdated systems that are easily penetrable." – Australian Cyber Security Centre

Take the BlueKeep vulnerability seriously; it lets attackers control your computer without any authentication. Please visit Microsoft's CVE-2019-0708 security portal directly if you suspect your computer is at risk.
