Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.
Patches released through the Critical Patch Update program are provided only for product versions that are covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. Oracle recommends that customers plan product upgrades to ensure that patches released through the Critical Patch Update program are available for the versions they are currently running.
Microsoft has released a security advisory (ADV200001) that currently only includes workarounds and mitigations that can be applied in order to safeguard vulnerable systems from attacks. At the time of writing, there is no patch yet available for this issue. Microsoft said it is working on a fix, to be released at a later date.
US-CERT advises that the changes to accommodate/remediate this issue could impact one or more of our applications. As patches become available, we will test our applications in their context and provide our customers with any specific cautions or additional instruction.
As of 1 June 2019, no active malware of the vulnerability seemed to be publicly known; however, undisclosed proof of concept (PoC) codes exploiting the vulnerability may have been available. On 1 July 2019, Sophos, a British security company, reported on a working example of such a PoC, in order to emphasize the urgent need to patch the vulnerability. On 22 July 2019, more details of an exploit were purportedly revealed by a conference speaker from a Chinese security firm. On 25 July 2019, computer experts reported that a commercial version of the exploit may have been available. On 31 July 2019, computer experts reported a significant increase in malicious RDP activity and warned, based on histories of exploits from similar vulnerabilities, that an active exploit of the BlueKeep vulnerability in the wild might be imminent.
Durch die Deinstallation hat man zwar wieder ein funktionierendes Netzwerk, aber die Sicherheitslücke ist weiterhin offen. Eine mögliche Lösung des Problems habe ich im Blog-Beitrag 0day-Patch für CVE-2018-8174 von 0patch verfügbar angrissen.
The vulnerability was revealed after The Shadow Brokers hacking group published documents stolen from Equation Group on Saturday 13 August 2016. The exploit code was dubbed BENIGNCERTAIN and presumably was used by NSA operatives to infiltrate networks of government organizations and private companies. Neither Cisco has developed a patch for the flaw, nor any workarounds are available.
The vulnerability was revealed after The Shadow Brokers hacking group published documents stolen from Equation Group in 2013. The exploit code was dubbed BENIGNCERTAIN and presumably was used by NSA operatives to infiltrate networks of government organizations and private companies Neither Cisco has developed a patch for the flaw, nor any workarounds are available. Firstly the vulnerability received a patch back in 2011.