<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

What is a Bluekeep vulnerability?

Bluekeep Overview

BlueKeep is a critical vulnerability found in Microsoft server software called Remote Desktop Services. This vulnerability has the potential to be exploited by cybercriminals to launch ransomware, malware or other attacks.

Best Practices for Securing Bluekeep

Patching the affected systems is the ideal next step. We recommend that your clients take the following steps to address their Bluekeep vulnerability.  

  1. Work with their IT team to investigate the vulnerability 

  2. Patch the affected systems. If they are unable to install the updates that Microsoft has issued, they should implement appropriate mitigations: 

    • Enable Network Level Authentication (NLA) on systems running running supported editions of windows, OR
    • Block TCP port 3389 via enterprise perimeter firewall, OR 
    • Disable remote desktop services when they are not required

     

    Corvus is also here to answer questions about how to resolve an issue.

Learn more about Bluekeep 

Recommended Blogs

Black Basta Ransomware Has Extracted Over $100 Million From Victims
A Guide to MFA Bypass Attacks
A Guide to Funds Transfer Fraud
Record Ransomware Attacks: June 2023 Highest Month Ever
A Guide to Security Controls For Cloud-Based Organizations

Recent Articles

Five Emerging Cyber Claims Trends for 2025


Cyber risks will grow more complex in 2025. Using 2024 claims data, we’ve identified key trends to watch in the evolving threat landscape.

Cleo File Transfer Alert | December 2024


Cleo customers could be at risk due to a critical security flaw. Here's what you need to know.

November 2024: A Record-Breaking Month for Ransomware Attacks


In November 2024, ransomware activity reached an all-time high, with 632 reported victims listed to leak sites. Learn more in this ransomware update.