Earlier this month, Microsoft released a patch for a critical vulnerability in Windows Remote Desktop Services. The vulnerability, assigned CVE-2019-0708 and dubbed ‘BlueKeep’, was considered serious enough for Microsoft to make the rare decision to release patches for various out-of-support operating system versions, as far back as Windows XP.
As the Microsoft advisory states, ‘the vulnerability is “wormable”, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.’ Windows 8 and 10 are unaffected, but the soon-to-be-out-of-support Windows 7 is vulnerable.
Two weeks after the patch release, security researcher Rob Graham has claimed to have detected almost 1m Internet-accessible devices still vulnerable, warning that ‘hackers are likely to figure out a robust exploit in the next month or two and cause havoc with these machines.’
Please ensure that all Internet-facing devices running vulnerable Windows OS versions are fully-up-to-date.