June 2019 Threat Intelligence (CRITICAL ALERT)
The US National Security Agency (NSA) is warning Microsoft Windows users of a major security vulnerability. The NSA recommends that Windows administrators update their systems to protect against CVE-2019-0708, also known as “BlueKeep.”
Although Microsoft issued a patch for CVE-2019-0708 in May, they predict that one million devices were not issued with the update and are left highly vulnerable.
BlueKeep is a type of malware that exposes those with old Windows versions to cyberattacks. Microsoft and the NSA are urging Windows 7, Windows XP and Server 2003 and 2008 users to update their systems immediately.
Microsoft has issued a warning stating that almost 1 million computers connected to the internet are presently vulnerable to the ‘BlueKeep’ worm, particularly leaving those within a corporate network at risk.
“It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread, infecting computers across the enterprise.”
Along with Microsoft’s warning, the NSA released its alert:
"It is likely only a matter of time before remote exploitation code is widely available for this vulnerability, NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems."
The BlueKeep worm has been considered highly dangerous. It is being compared to the ‘WannaCry’ virus, which infected hundreds of thousands of computers globally in 2017, causing billions of dollars in damage.
The NSA recommends security teams take 3 other steps, in addition to applying the patch, to keep attackers from taking advantage of BlueKeep: