Home / Others / Microsoft warns or older BlueKeep vulnerability in Windows

Microsoft warns or older BlueKeep vulnerability in Windows

Illustration of article Title you need to repair your older Windows PCs right now to repair a serious flaw
Photo: Justin Sullivan (Getty)

If the idea of ​​someone with Windows XP in 2019 makes you laugh, I urge you to maintain that ingenuous ingenuity. Just leave now.

They left? Well, then, Windows XP, Vista and the rest of the operating systems that are not compatible are still very real, and they are everywhere.

The old software is still active in important places, such as the USA. UU Department of Defense and within the critical infrastructure of the nation. For those of you who are still Windows machines, Microsoft has a serious message: update as soon as possible.

Microsoft is warning that the vulnerability recently known as BlueKeep could have consequences, as well as WannaCry, the 2017 ransomware worm allegedly developed by North Korea that infected hundreds of thousands of computers.

Here is Pope Simon from Microsoft:

BlueKeep and WannaCry are similar in that they are vulnerabilities in Remote Desktop Services, so they allow an attack to execute the code remotely on a target computer. The vulnerability of BlueKeep, with a severity of 9.8 out of 10, is so serious that Windows took the measures of the old and normally unsupported versions of Windows, including XP, 2003 and Vista. Windows 8 and 10 are not affected by BlueKeep, but millions of older Windows machines are still used by countless companies and individuals around the world, sometimes even in critical infrastructure.

The company is concerned that the malware using BlueKeep's vulnerability is "wormable," meaning it could "spread from a vulnerable computer to a vulnerable computer," according to a Microsoft blog published on Thursday.

"Microsoft is confident that there is a vulnerability to this vulnerability, and if recent reports are accurate, a million computers are directly connected to the Internet and are still vulnerable to CVE-2019-0708, many more within corporate networks can also be vulnerable, "wrote Simon Pope of Microsoft.

There are farms. Cybersecurity firm McAfee says researchers there developed an exploit for the flaw. The exploited sales company Zerodium "confirmed the exploitability" or the failure as well.

"You only need a vulnerable computer connected to the Internet to provide a potential gateway to these corporate networks, where advanced malware could spread and infect computers throughout the company," the Pope wrote. "This scenario could be even worse for those who have not updated their internal systems with the latest fixes, since any future malware can also try to exploit more vulnerabilities that have already been fixed."

It has been two weeks since the solution for BlueKeep was launched. Two months pbaded from the patch for MS17-010 until the WannaCry malware exploited that vulnerability and spread around the world. The fact that the last two weeks have been quiet is not a guarantee for the future.

For organizations and giant companies, reality is rarely as simple as "patch now". Important computers can be considered too important for downtime. Or maybe there is not enough money and resources to maintain a smart patch schedule. If that is the case, administrators should deactivate the RDS (and probably consider doing it anyway unless it is necessary for you).

The reasons for the slow updates are innumerable, and what it means is that even weeks after a patch, around a million machines can remain vulnerable to critical vulnerabilities. That is why hackers rarely have to create their own vulnerabilities and attractive exploits: almost always there are countless outdated computers that can be attacked by old vulnerabilities that leave the doors open for attackers.

Zero-day vulnerabilities appear in the headlines, but it is usually one day and much later when the actual damage occurs.

Source link