
What is the BlueKeep vulnerability?

BlueKeep Overview

BlueKeep is a critical vulnerability found in Microsoft server software called Remote Desktop Services. This vulnerability has the potential to be exploited by cybercriminals to launch ransomware, malware or other attacks.

Best Practices for Securing BlueKeep

Patching the affected systems is the ideal next step. We recommend that your clients take the following steps to address their BlueKeep vulnerability.

  1. Work with their IT team to investigate the vulnerability 

  2. Patch the affected systems. If they are unable to install the updates that Microsoft has issued, they should implement appropriate mitigations: 

    • Enable Network Level Authentication (NLA) on systems running supported editions of Windows, OR
    • Block TCP port 3389 via enterprise perimeter firewall, OR 
    • Disable remote desktop services when they are not required

     

    Corvus is also here to answer questions about how to resolve an issue.
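A read-only check of the host-side mitigations listed above, as an added example that is not Corvus's or Microsoft's code. It assumes the standard Terminal Services registry locations and the `TermService` service name; the function names are made up for this example, and patch level and the perimeter firewall rule still have to be verified separately.

```powershell
# Added example: read-only audit of this host against the mitigations above.
# Registry reads and Get-Service only, so it also runs on Windows PowerShell 2.0.

function Get-TsSetting([string]$Name) {
    # A Group Policy value, when present, overrides the local setting.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
    $localKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    if ($Name -ne 'fDenyTSConnections') { $localKey += '\WinStations\RDP-Tcp' }
    foreach ($key in @($policyKey, $localKey)) {
        $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
        if ($item -ne $null) { return $item.$Name }
    }
    return $null
}

function Get-RdpMitigationState {
    $deny = Get-TsSetting 'fDenyTSConnections'  # 1 = incoming RDP connections refused
    $nla  = Get-TsSetting 'UserAuthentication'  # 1 = NLA required
    $port = Get-TsSetting 'PortNumber'          # 3389 unless an admin changed it
    if ($port -eq $null) { $port = 3389 }
    $svc  = Get-Service -Name TermService -ErrorAction SilentlyContinue

    $rdpEnabled = ($deny -eq 0)
    $svcRunning = ($svc -ne $null) -and ($svc.Status -eq 'Running')

    if (-not ($rdpEnabled -and $svcRunning)) {
        $finding = 'RDP is not accepting connections on this host'
    } elseif ($nla -eq 1) {
        $finding = 'RDP enabled, NLA required: mitigated, patch when possible'
    } else {
        $finding = 'RDP enabled without NLA: patch or apply a mitigation'
    }

    New-Object PSObject -Property @{
        ComputerName = $env:COMPUTERNAME
        RdpEnabled   = $rdpEnabled
        ServiceUp    = $svcRunning
        NlaRequired  = ($nla -eq 1)
        ListenerPort = $port
        Finding      = $finding
    }
}

Get-RdpMitigationState | Format-List
```

If `ListenerPort` is not 3389, a perimeter rule that blocks only TCP 3389 does not cover this host.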
