HomeWinBuzzer NewsMicrosoft: Update Windows or Risk Being Hit by BlueKeep-based Ransomware

Microsoft: Update Windows or Risk Being Hit by BlueKeep-based Ransomware

Microsoft says over 400,000 endpoints may still be vulnerable to BlueKeep, which has the ability to spread between PCs and cause widespread disruption.

-

is advising its Windows users to update their operating system or risk being open to a serious vulnerability. CVE-2019-0708, also known as BlueKeep, was discovered and patched back in May, but the company has seen an uptick in threats.

The attack method centers around a flaw in Windows' Remote Desktop Protocol and is especially significant because it's wormable. Simply, an attacker can create a malware that can spread from PC to PC in a widespread, WannaCry-like outbreak.

Users can fully mitigate the threat by installing the latest update. According to Microsoft, plenty of users are at risk of based attacks:

“Via open source telemetry, we see more than 400,000 endpoints lacking any form of network-level authentication, which puts each of these systems potentially at risk from a worm-based weaponization of the BlueKeep vulnerability,” its DART team said. “The timeline between patch release and the appearance of a worm outbreak is difficult to predict and varies from case to case.”

Second WannaCry-like Event Still Possible

As well as updates, DART recommends users internet listening RDP protect is behind a VPN, SSL Tunnel, or RDP Gateway. It has noted that worm outbreaks are largely unpredictable, though in this case exploit code is publically available, so it's only a matter of time.

The National Security Agency recently issued its own warning about BlueKeep. It deemed the vulnerability a significant risk, and warned of “a global WannaCry-level event”. The flaw affects versions from XP to Windows 7 and Server variants.

Microsoft previously put the number of vulnerable PCs at over one-million machines. Its nickname, BlueKeep, is a reference to the lack of security in Game of Thrones Red Keep, and its tendency to cause a blue screen.

SourceMicrosoft
Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News