https://techcrunch.com/2019/06/17/cisa-bluekeep-working-exploit/
By Zack Whittaker
TechCrunch
June 17, 2019
Homeland Security’s cyber agency says it has tested a working exploit for
the BlueKeep vulnerability, capable of achieving remote code execution on
a vulnerable device.
To date, most of the private exploits targeting BlueKeep would have
triggered a denial-of-service condition, capable of knocking computers
offline. But an exploit able to remotely run code or malware on an
affected computer — an event feared by government — could trigger a global
incident similar to the WannaCry ransomware attack in 2017.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed in
an alert Monday it had used BlueKeep to remotely run code on a Windows
2000 computer.
Windows 2000 was not included in Microsoft’s advisory. A spokesperson for
CISA said the agency “coordinates with external stakeholders to validate
vulnerabilities.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
