Cyber Security Magazine
In a bid to stem the spread of BlueKeep, a ‘wormable’ malware that makes computer networks vulnerable to crippling ransomware attacks, Microsoft urges its users to update their systems to Windows 10. Machines running anything below Windows 8 are at great risk, cybersecurity researchers warned. The ominous piece of news comes two after the tech giant announced that the EternalBlue vulnerability had been fixed.
What exactly is BlueKeep, and how does it affect my system?
As Microsoft wrote in a blog post, BlueKeep, which also goes by the name of MITRE CVE-2019-0708, uses the OS’ Remote Desktop Services in order to take control of your computer. From a technical standpoint, the attacker will try to connect with your system via a Remote Desktop Protocol.
Once the connection has been established, the hacker will send specially crafted messages into your system. Since this gateway is pre-authorized, meaning that it does not require user interaction, it will pass into your computer unnoticed. And from there, bad things will begin to happen.
Simon Pope, Microsoft’s Director of Incident Response, declared that the MITRE CVE-2019-0708 is not dangerous per se, but it does possess the capacity of paving the way for ‘nastier’ malware, such as WannaCry or Maze.
In fact, according to a 2017 incident report, this very vulnerability allowed WannaCry to jump from system to system, at a head-spinning rate.
Is my computer at risk?
As Pope (not Alexander) pointed out, machines running Windows 10 or 8 are not at risk since the security updates prevent unauthorized entries through and RDP point. However, those running older version of Microsoft’s OS, such as 2003, XP, Vista, 7, R2, or Windows Server 2008, are at great risk. The company is currently working on a fix for BlueKeep, but, at the same time, encourages its customers to update their computers as fast as possible.
If you’re still wondering how many computers are running older versions of Windows, get this; according to the security report drafted by Microsoft, over one million machines are at risk due to BlueKeep.
That’s one million workstations running older versions of Windows. Why is that? Because deploying the latest version costs a lot of money. Some companies prefer to keep machines running XP or 7 because they’re just as stable as Window 10 or 8. Unfortunately, this attitude could very well lead to their downfall in the long run, since they are gateways for malware.
Wrap-up
Will Microsoft be able to solve the BlueKeep issue? It’s very unlikely since it took the company a couple of weeks to come up with a hotfix for EternalBlue. At this point, the best thing to do in order to prevent a cybernetic attack would be to update your operating system to the latest version.
This may be easy in case of a home computer, but challenging when it comes to large companies. However, as the risk outweigh the costs, a small investment can safeguard you against a future ransomware attack.
What’s your take on Microsoft’s latest security report? Head to the comments section and let us know.
