Learn more about Bluekeep, it's risks, and how to help your client properly secure their infrastructure.
BlueKeep is a critical vulnerability found in Microsoft server software called Remote Desktop Services. This vulnerability has the potential to be exploited by cybercriminals to launch ransomware, malware or other attacks.
Best Practices for Securing Bluekeep
Patching the affected systems is the ideal next step. We recommend that your clients take the following steps to address their Bluekeep vulnerability.
- Work with their IT team to investigate the vulnerability
- Patch the affected systems. If they are unable to install the updates that Microsoft has issued, they should implement appropriate mitigations:
- Enable Network Level Authentication (NLA) on systems running running supported editions of windows, OR
- Block TCP port 3389 via enterprise perimeter firewall, OR
- Disable remote desktop services when they are not required
- Let Corvus know that the vulnerability has been resolved or mitigated by emailing firstname.lastname@example.org. We're also here to answer questions about how to resolve an issue.