×

Registration

Profile Informations

Login Details

or login

First name is required!
Last name is required!
First name is not valid!
Last name is not valid!
This is not an email address!
Email address is required!
This email is already registered!
Password is required!
Enter a valid password!
Please enter 6 or more characters!
Please enter 16 or less characters!
Passwords are not same!
Terms and Conditions are required!
Email or Password is wrong!

Microsoft Again Warns Users To Patch BlueKeep Wormable Windows Bug

Earlier this month, we brought you news of an incredibly nasty remote code execution vulnerability affecting Windows systems; specifically, Windows 7, Windows Server, Windows Server 2008 R2, Windows Server 2008, and even the ancient Windows XP. Microsoft in fact was so worried about this WannaCry-style malware that it even pushed out a patch for Windows XP; an operating system that has been officially supported for years.

Microsoft

At the time, Microsoft stated, "It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening. In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows."

Apparently, not enough of its customers are heeding its warning, as Microsoft is once again imploring them to patch affected systems immediately. The exploit, known colloquially as BlueKeep (CVE-2019-0708), has reported infected nearly a million internet-connected computers around the globe. 

"Many more within corporate networks may also be vulnerable. It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread, infecting computers across the enterprise," writes Microsoft via a TechNet blog. 

“Our recommendation remains the same. We strongly advise that all affected systems should be updated as soon as possible."

BlueKeep is listed a "critical" vulnerability found within Remote Desktop Services and requires absolutely no user interaction to activate. As Microsoft explains:

At this point, Microsoft says that it has not seen any evidence of a real-world attack using the BlueKeep proof of concept. "It is possible that we won’t see this vulnerability incorporated into malware," Microsoft warns. "But that’s not the way to bet."

Go to Source