Microsoft Warns Users to Update Windows for BlueKeep Bug

Microsoft via an advisory has urged users to update their systems to avoid encountering ransomware attacks just like WannaCry.

The software giant said last week it has discovered “wormable” vulnerability in Remote Desktop Services for Windows. This loophole can enable hackers to remotely run malicious code such as malware or ransomware on a vulnerable computer.

The bug is named CVE-2019-0708 — more popularly known as BlueKeep. It is a “critical” vulnerability affecting computers running on Windows XP and later. It can also impact server operating systems. This vulnerability can be exploited to allow attackers full access to the computer, including its data.

The vulnerability allows the code to spread to other computers on the same network just like the WannaCry malware. WannaCry spread all over the world in 2017, resulting in billions of dollars in damages.

Microsoft said the vulnerability can get exploited, which can endanger PCs directly connected to the internet.  The tech giant said nearly one million worldwide might be affected.

An internet-wide port scanner has found that around 923,671 machines are vulnerable to BlueKeep on port 3389. This port is the one the Microsoft Remote Desktop feature uses.

However, this figure could increase substantially if servers at the enterprise firewall level are hit. There is a possibility that every other computer connecting to the hub face a similar fate.

As such, Microsoft said it strongly advises all affected systems to update as soon as possible.

Microsoft Warns Users to Update Windows for BlueKeep Bug

A Rare Warning

This bug is extremely dangerous that Microsoft had issued patches to its long-outdated operating systems. The affected OSes are Windows XP, Windows 2003, Windows XP, and Windows Vista. The company delivered the warning as if it is pleading its customers on bended knees.

Only Windows 8 and Windows 10 computers are not vulnerable to the bug, the tech giant said.

So far, McAfee, Check Point, and other security firms have claimed to have developed a working proof-of-concept code. It can at least produce a denial-of-service condition like shutting down a computer. But experts remain wary that hackers might have created a code that could unleash another major ransomware attack.

Marcus Hutchins, an independent malware researcher, said it took him an hour to discover how to exploit the vulnerability. He added in his tweet that it required four days to develop a working exploit code. While he declined to publish the code immediately, he called it “dangerous.”