Sorry, you need to enable JavaScript to visit this website.
Skip to main content

ACSC confirms the public release of BlueKeep exploit

Microsoft logo

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of the overnight release of a working exploit for the vulnerability known as BlueKeep (CVE-2019-0708).

Australian businesses and users of older versions of Windows should update their systems as soon as practically possible, before hackers further refine their tools and tradecraft in order to fully utilise this exploit.

What you need to do

It is important that organisations and individuals operating older versions of Windows systems install Windows’ BlueKeep vulnerability patch - CVE-2019-0708, available at https://www.microsoft.com/security/blog/2019/08/08/protect-against-bluekeep/

Affected versions of Windows operating systems include;

  • Windows 7
  • Windows Vista
  • Windows XP
  • Server 2003 and
  • Server 2008 operating systems.

Windows users should deny access to Remote Desktop Protocols (RDP) directly from the internet, or utilise a Virtual Private Network (VPN) with multifactor authentication if Remote Desktop Protocols are required, regardless of the version of Windows you are running.

As a rule, it’s important to always install manufacturers’ updates as soon as possible.

Further information

The ACSC provided advice on how to protect systems against BlueKeep in June and August of 2019.

For the ACSC Advisory, including detailed mitigation advice visit here

Further information about CVE-2019-0708 (BlueKeep) is available on Microsoft’s website.

More information on protecting Australian Business Remote Desktop Protocol (RDP) services is available here.

To report a cybercrime, visit cyber.gov.au/report.

Date
September 7th, 2019