- May 4, 2019
- 801
The Metasploit module isn't as polished as the EternalBlue exploit. Still, it's powerful.
For months, security practitioners have worried about the public release of attack code exploiting BlueKeep, the critical vulnerability in older versions of Microsoft Windows that’s “wormable,” meaning it can spread from computer to computer the way the WannaCry worm did two years ago. On Friday, that dreaded day arrived when the Metasploit framework—an open source tool used by white hat and black hat hackers alike—released just such an exploit into the wild.
The module, which was published as a work in progress on Github, doesn’t yet have the polish and reliability of the EternalBlue exploit that was developed by the NSA and later used in WannaCry. For instance, if the people using the new module specify the wrong version of Windows they want to attack, they’ll likely wind up with a blue-screen crash. Getting the exploit to work on server machines also requires a change to default settings in the form of a registry modification that turns on audio sharing.
Exploit for wormable BlueKeep Windows bug released into the wild
The Metasploit module isn't as polished as the EternalBlue exploit. Still, it's powerful.
arstechnica.com