What Is It?
BlueKeep, referred to as CVE-2019-0708 by Microsoft, is a software vulnerability affecting older versions of Microsoft Windows. Its risk is significant because it attacks an operating system’s Remote Desktop Protocol (RDP), which connects to another computer over a network connection, according to Jeff Elder from avast.com.
“RDP has commonly been used as a method of remote access to work resources for people working from home. This vulnerability is just the latest in a series that has led to us recommending that clients not allow access to RDP from the internet. There are much more secure options now available for remote access, including services such as LogMeIn, which is included for our managed clients, or secure VPN connections.” Dave Ellis – Senior Network Technician for RMON Networks
Why Does It Matter?
This threat was first discovered in May and it’s pretty serious. So serious, that Microsoft released a patch for its outdated operating systems listed here:
- Windows 2000
- Windows Vista
- Windows XP
- Windows 7
- Windows Server 2003
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
The last time they took this step was during the May 2017 outbreak of the WannaCry ransomware virus. This ransomware attack exploited over 200,000 computers in 150 countries.
The Microsoft Security Response Center said that the vulnerability is ‘wormable’, and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe two years ago. A “worm” is a form of malware that replicates across the internet or local networks. These types of malware are especially concerning because they can spread by themselves. They don’t need to use a carrier program or file to infect other devices.
How You Can Stop It!
Almost ONE MILLION computers that are connected to the internet are vulnerable to BlueKeep. If you run Windows 7 or earlier you are vulnerable. If you haven’t already, you should download and install the Patches Microsoft released IMMEDIATELY. You can find them for Windows 7 and Server 2008 here, and for earlier operating systems here.
If everybody who is running Windows 7 or earlier implements this step, criminals trying to exploit RDP with BlueKeep will be dead in the water.
This newly found exploit has taught us all an important lesson. Keep up to date on patches and security updates. Furthermore, you should be updating your organization’s Windows operating system as soon as a new version is released. When you don’t update your software, you are leaving your business’ important data vulnerable. With BlueKeep hackers can hack directly into your computer if you haven’t been keeping up with security updates.
In addition to the right technology being in place, security education and training is the best way to prioritize the importance of Cyber Security to your employees. You can immediately start reducing your risk today by downloading our FREE Cyber Security Training Kit to kickstart your employee training. Also, we can offer you a free consultation for a network audit to find out where your cyber vulnerabilities lie.