Microsoft warns users again to patch for wormable BlueKeep Exploit

Published by


Things are not going fast enough for Microsoft, as they have issued its another advisory this month urging users to update their systems to prevent a re-run of attacks similar to WannaCry.

The bug is named CVE-2019-0708 — more popularly known as BlueKeep. It is a “critical” vulnerability affecting computers running on Windows XP and later. It can also impact server operating systems. This vulnerability can be exploited to allow attackers full access to the computer, including its data. 

An internet-wide port scanner has found that around 923,671 machines are vulnerable to BlueKeep on port 3389. This port is the one the Microsoft Remote Desktop feature uses. Microsoft issued a second advisory this month on BlueKeep vulnerability, urging computer users to update their systems to prevent a re-run of attacks like WannaCry and NotPetya.

BlueKeep is a critical Remote Code Execution vulnerability in Remote Desktop Services which affects older versions of the Microsoft Operating System — Windows 2000, XP, Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2. The vulnerability stems from a “dangling pointer” bug in the Remote Desktop Services, which help provide a graphical interface for connecting to another computer over the Internet. Successful hackers can use this to access targeted computers via a backdoor with no login, password or user interaction.

Simply update and patch Windows. The affected OSes are Windows XP, Windows 2003, Windows XP, and Windows Vista. The company delivered the warning as if it is pleading its customers on bended knees. Only Windows 8 and Windows 10 computers are not vulnerable to the bug.

Share this content
Twitter Facebook Reddit WhatsApp Email Print