Metasploit releases BlueKeep exploit, explains it’s for the good

The Rapid7 project Metasploit has finally released an exploit for the BlueKeep flaw disclosed in the May Patch Tuesday update. 

The BlueKeep flaw has prompted warnings from Microsoft and all Five Eye spy agencies to install Microsoft’s patches. 

Microsoft also provided patches for unsupported versions of Windows, fearing the BlueKeep Remote Desktop Protocol (RDP) bug could be as severe as 2017’s WannaCry ransomware outbreak that impacted 300,000 PCs worldwide using the NSA-built EternalBlue exploit. Both flaws could be used by attackers to create a worm that infects one vulnerable machine after another. 

The Australian Signals Directorate (ASD) warned Windows admins in August to “immediately” patch the BlueKeep bug in anticipation of today’s Metasploit release. According to ASD, more than 50,000 devices in Australia were potentially vulnerable in mid-August. 

The RDP bug affects Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems, but not Windows 10.