BlueKeep Courtesy Scan

At Go Security Pro, we are offering a courtesy BlueKeep scan to check if your network is exposing RDP services that could be exploited.

The BlueKeep vulnerability (CVE-2019-0708) is a remotely exploitable flaw in the Remote Desktop Protocol (RDP) Services on older versions of Windows.

In our Apply the BlueKeep Patch Now blog post, I detailed the systems it affects, which Microsoft patches to apply, why it is so critical, and other mitigating recommendations.

Today, seven weeks after our BlueKeep blog post and over two months since Microsoft issued the patch, a weaponized BlueKeep exploit is now baked into a commercially sold penetration testing toolkit.

On the Common Vulnerability Scoring System (CVSS) scale, BlueKeep is a 10.0, which is the highest possible score. A remote attacker with no privileges can gain complete control of a vulnerable system. All that is needed is network connectivity to a vulnerable RDP service.

If you have a vulnerable RDP service exposed to the Internet, it is only a matter of time before the system is compromised.

To claim your courtesy scan, please send an email to help@gosecuritypro.com and provide a listing of your public IP addresses you want us to scan. It can be a set of IP address ranges, CIDR blocks, or just a single IP address.

Even if you are fairly certain you are not impacted, take us up on the offer to verify.

Now is the time to take action.

To your security,
Geoff

About the Author