Latest BlueKeep Exploit Impacted Patched Machines

Over the past few weeks, there have been reports of new exploits targeting the Windows Remote Desktop Protocol (RDP) “BlueKeep” vulnerability. BlueKeep was first disclosed in May and entails a bug in the Windows RDP that allows an attacker to gain remote code execution without any user interaction. Microsoft issued a patch for BlueKeep when the vulnerability was disclosed, and yet many Windows RDP users did not patch their systems, as research of conducted via Shodan has revealed. The news of the latest round of BlueKeep vulnerability exploits didn’t motivate Windows RDP users who hadn’t already patched their systems to reverse course, as the number of unpatched systems remained steady. However, even users of patched systems found their systems impacted with the latest round of exploits. More specifically, their machines crashed, a situation that initially confused researchers but that has since been investigated and is in the process of being rectified. The situation points out that even after a patch is released for a vulnerability, more exploits can be developed that require further action. Microsoft researchers warned that they “cannot discount enhancements that will likely result in more effective attacks.” Read the articles at Ars Technica, Microsoft, and The Register.