HomeWinBuzzer NewsWindows Vulnerability Leaves 1 Million Devices Open to WannaCry-Like Attack

Windows Vulnerability Leaves 1 Million Devices Open to WannaCry-Like Attack

Researchers say the BlueKeep vulnerability in Windows is still active despite a recent Microsoft patch, with one million devices affected.


One million users have been left open to attack because of a Windows flaw that could lead to a -style ransomware attack. Security researcher describe the bug as “wormable”, leaving machines vulnerable to attack despite issuing a recent patch.

During the company's Patch Tuesday rollup for May, a fix was sent out for the flaw dubbed CVE-2019-0708. However, researchers claim devices remain vulnerable to the attack known as .

Microsoft told users to update to the fixes as soon as possible as the vulnerability could be expanded. New information shows one million devices are still open to the attack. According to security experts, attackers are already seeking ways to exploit the flaw.

“That means when the worm hits, it'll likely compromise those million devices,” said Robert Graham, researcher with Errata Security in a Tuesday analysis, as reported by ThreatPost. “This will likely lead to an event as damaging as WannaCry and notPetya from 2017 – potentially worse, as have since honed their skills exploiting these things for ransomware and other nastiness.”


BlueKeep is a dangerous vulnerability because it can be executed by bad actors remotely. It is located in Remote Desktop Services on older Windows legacy builds such as Windows 7, Windows XP, AND Server 2003 and 2008.

“This [bug] would have the potential of a global WannaCry-level event,” said Chris Goettl, director of product management for security at Ivanti, during Patch Tuesday. “What's more, Microsoft has released updates for Windows XP and Server 2003 (which you wouldn't have found unless you were looking at the Windows Update Catalog). So, this affects Windows 7, Server 2008 R2, XP and Server 2003.”

While Microsoft is still attempting to resolve the vulnerabilities, software vendors and OEMs are cautioning users.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News