Mitigate Cyber

‘BlueKeep’ Critical Windows Remote Desktop Vulnerability

Earlier this month, Microsoft released a patch for a critical vulnerability in Windows Remote Desktop Services. The vulnerability, assigned CVE-2019-0708 and dubbed ‘BlueKeep’, was considered serious enough for Microsoft to make the rare decision to release patches for various out-of-support operating system versions, as far back as Windows XP.

As the Microsoft advisory states, ‘the vulnerability is “wormable”, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.’ Windows 8 and 10 are unaffected, but the soon-to-be-out-of-support Windows 7 is vulnerable.

Two weeks after the patch release, security researcher Rob Graham claims to have detected almost 1 million Internet-accessible devices that are still vulnerable, warning that ‘hackers are likely to figure out a robust exploit in the next month or two and cause havoc with these machines.’

Please ensure that all Internet-facing devices running vulnerable Windows OS versions are fully up to date.
