BlueKeep RDP Bug: 1 Million Windows Machines Exposed To Attacks

BlueKeep RDP Bug: 1 Million Windows Machines Exposed To Attacks

 A couple of weeks ago, Microsoft revealed details about a severe bug that exists in the Remote Desktop Protocol (RDP) in Windows OS.


The bug is called BlueKeep; it can be used to trigger remote code execution attacks. Microsoft warned that it’s “warmable,” which means some attacker can take advantage of the bug to create self-replicating exploits.



BlueKeep (CVE-2019-0708) affects older versions of the OS including Windows 7, Windows XP, Windows Vista, and Windows 2003. The list also includes Windows Server 2008 and 2008 R2.


The company advised users and companies running these versions to quickly install the latest security updates. Initially, it was believed that nearly 7.6 million devices were exposed to attackers because of the bug.


Errata Security’s researcher Robert Graham has now published a new report highlighting that the number of affected devices has now reduced to 950,000. In fact, a big chunk of the 7 million devices are not actually Windows systems.


For scanning the devices, the researcher used a tool called rdpscan (find it on GitHub). He developed the same by clubbing RiskSense’s BlueKeeper Scanner with his own tool called masscan.


However, Graham said that he wasn ..