Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,651 posts)
Sat Jun 1, 2019, 02:35 PM Jun 2019

BlueKeep: Microsoft Issues 'Update Now' Warning To Windows Users (XP, Vista, 7, Server 2003, 2008)

Earlier thread: Old versions of Windows get a new patch to stop WannaCry-style attacks

______________________________________________________________________

Source: Forbes

Microsoft Issues 'Update Now' Warning To Windows Users

Davey Winder Contributor
Cybersecurity
I report and analyse breaking cybersecurity and privacy stories

Microsoft really does not have the greatest track record when it comes to those security and system fixes that are usually referred to as Patch Tuesday updates. Readers of Forbes will not need reminding how these updates have recently caused Windows to freeze or simply decided to install themselves and cause unexpected restarts. Indeed, I have had more messages from readers who are fed up with Windows updates than in relation to anything else I have covered on Forbes. Yet it is precisely these people that Microsoft is now urging to apply one particular set of updates released May 14, warning that unless they do at least a million computers might be exploited by a security threat that could be as damaging and costly as WannaCry was two years ago.

The warning, which reads almost as if Microsoft wrote it on bended knee, was posted on the Microsoft Security Response Center blog. Referring to the critical Remote Code Execution vulnerability, CVE-2019-0708, that has become better known as BlueKeep, Simon Pope, director of incident response at Microsoft, states that "Microsoft is confident that an exploit exists for this vulnerability." What's more, Pope says that such an exploit could "propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017." An internet-scale port scanner has already determined that there are at least 923,671 internet-facing machines which are vulnerable to BlueKeep on port 3389 which is used by the Microsoft Remote Desktop feature.

It is worth reading between the lines here, especially concerning that apparent confidence that a BlueKeep exploit exists. While it is not clear if Microsoft has intelligence that suggests active malware has been weaponized in this way, what we do know is that there is proof of concept (PoC) code available already. One BlueKeep demo on GitHub will crash a system that is vulnerable but does not execute the wormable threat that Microsoft is obviously so worried about. We also know, through the information security community on Twitter, that there are denial of service (DoS) exploits available, and that security researchers have been successful in developing wormable exploit code.

While Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are. Despite all of those vulnerable systems being unsupported for some years, Microsoft made the patch available to users which shows just how concerned it is by the "WannaCry 2" threat. Windows 7 and Windows Server 2008 are also vulnerable.

-snip-


Read more: https://www.forbes.com/sites/daveywinder/2019/06/01/microsoft-begs-windows-users-to-update-now-citing-wannacry-2-security-threat/
Latest Discussions»Help & Search»Computer Help and Support»BlueKeep: Microsoft Issue...