Skip to main content

Older Windows devices at risk of classic hacks

Almost one million older Windows devices are still vulnerable to the BlueKeep security flaw even after Microsoft released a security patch to address the vulnerability.

The vulnerability, known as CVE-2019-0708, affects Windows Remote Desktop Services (RDS) and Microsoft has already addressed it with its May 2019 Patch Tuesday update.

The BlueKeep security flaw, which has been described as wormable, can be utilized by malware to spread in a similar way to how the WannaCry ransomware did back in 2017 through the EternalBlue exploit.

By sending specially created requests via the Remote Desktop Protocol (RDP), a hacker can exploit the flaw to execute arbitrary code and take control of a user's machine without their knowledge.

Microsoft has already released patches for Windows 7, Windows XP, Server 2008 and Server 2003. By enabling Network Level Authentication (NLA) Windows 7 and Server 2008 users can prevent unauthenticated attacks and alternatively the threat can be mitigated by blocking TCP port 3389.

BlueKeep security flaw

Researchers have already developed proof-of-concept exploits for BlueKeep though none have been released publicly. Many expect attacks exploiting the flaw to appear any day now and to make matters worse, industrial and medical products are also at risk.

By using the Masscan port scanner and a modified version of rdpscan, Errata Security's Robert Graham carried out an internet scan that found more than 923,000 devices which appear to be vulnerable to BlueKeep attacks.

Graham also identified more than 1.4m machines that have been patched to protect them from BlueKeep and around 1.2m devices that cannot be exploited online since they're using NLA or the Credential Security Support Provider protocol.

If you're unable to install the latest security patch from Microsoft to protect your devices from the BlueKeep security flaw, thankfully opatch has released a micropatch which can be easily applied to vulnerable systems.

  • We've also highlighted the best antivirus to help keep your systems protected from the latest cyber threats

Via Security Week



from TechRadar - All the latest technology news http://bit.ly/2XfAysL
Labels:

Comments

Post a Comment

Popular posts from this blog

TalentLMS

 
Post a Comment
Read more

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy . The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase . Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce. While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandem...
Post a Comment
Read more