BlueKeep: Around one million devices could be vulnerable to a worm-like Microsoft bug
“This will likely lead to an event as damaging as WannaCry and notPetya from 2017 — potentially worse, as hackers have since honed their skills exploiting these things for ransomware and other nastiness,” said a blog post by researchers at Errata Security. The flaw, dubbed Bluekeep, was found in Remote Desktop Services and affects older versions of Windows, including Windows 7, Windows XP, Server 2003 and Server 2008. Errata Security researcher Robert Graham carried out a scan of devices using a tool called Masscan, to find the port (3389) used by Remote Desktop, the one used by Remote Desktop. While this found all open ports, Graham then used a Remote Desktop Protocol scanning project created by The Shadowserver Foundation, to find the million devices vulnerable to Bluekeep.