Write a report in which you discuss the following case studies. Repeat each question and answer in full sentences. support all answers with proper
references. References may be hyperlinks.
Read up on the vulnerability dubbed ‘BlueKeep’ and answer the following:
1. What disclosure strategy was used when BlueKeep became public knowledge?
2. What is the BlueKeep CVE ID?
3. What is the BlueKeep CVSS Score?
4. Which STRIDE aspects apply to BlueKeep?
5. Are exploits currently available?
6. Have patched been released yet?
Read the article at https://arstechnica.com/information-technology/2017/09/massive-equifax-breach-caused-by-failure-to-patch-two-month-old-bug/
7. What is the CVE of this particular vulnerability?
8. Who discovered it?
9. What are the CVSS score of the vulnerability?
10. Has a patch been released? If so, when?
11. Has the vulnerability been exploited?
12. How easily available is the exploit?
13. What is the effect of successful exploitation?