{"id":12268,"date":"2019-06-02T15:14:17","date_gmt":"2019-06-02T15:14:17","guid":{"rendered":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/?p=12268"},"modified":"2022-10-14T18:28:51","modified_gmt":"2022-10-14T22:28:51","slug":"microsoft-confirms-our-concern-about-bluekeep-update-now","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/microsoft-confirms-our-concern-about-bluekeep-update-now.html","title":{"rendered":"Microsoft Confirms Our Concern about BlueKeep, Update Now"},"content":{"rendered":"\n<p>We <a href=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/bluekeep-can-infect-almost-1m-machines-patch-now.html\">warned<\/a> on May 28th that BlueKeep is a major exploit and needs to be taken seriously. At the time it was reported about a million machines were vulnerable to it and it could cause a RansomWare attack or far worse.<\/p>\n\n\n\n<p>Microsoft agrees. They had this to say on May 30th:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p> On May 14,\u00a0Microsoft released fixes for a critical Remote Code Execution vulnerability,\u00a0<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2019-0708\">CVE-2019-0708<\/a>, in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 that affects some older versions of Windows.\u00a0In our\u00a0<a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2019\/05\/14\/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708\/\">previous blog post<\/a>\u00a0on this topic we warned that\u00a0the vulnerability is \u2018wormable\u2019,\u00a0and that\u00a0future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.\u00a0\u00a0<br>Microsoft is confident that an\u00a0exploit exists for this\u00a0vulnerability, and\u00a0if\u00a0<a href=\"https:\/\/blog.erratasec.com\/2019\/05\/almost-one-million-vulnerable-to.html\">recent reports<\/a>\u00a0are accurate,\u00a0<em>nearly one million computers connected directly to the internet are\u00a0still\u00a0vulnerable to CVE-2019-0708<\/em>.\u00a0Many more within corporate networks may also be vulnerable. It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where\u00a0advanced\u00a0malware could spread, infecting computers across the enterprise. This scenario could be even worse for those who have not kept their internal systems updated with the latest fixes, as any future malware may also attempt further exploitation of vulnerabilities that have already been fixed.\u00a0<br>It&#8217;s been only two weeks since the fix was released and there has been no sign of a worm yet. This does not mean that we\u2019re out of the woods. If we look at the events leading up to the start of the WannaCry attacks, they serve to inform the risks of not applying fixes for this vulnerability in a timely manner.\u00a0<br><strong>Our recommendation remains the same. We strongly advise that all affected systems should be updated as soon as possible.<\/strong>\u00a0 <\/p><\/blockquote>\n\n\n\n<p>If you know of unpatched computers, now is the time to update. Please be sure to let others know about the potential danger.<\/p>\n\n\n\n<p>See also:  <a href=\"http:\/\/www.apextechservices.com\/topics\/articles\/442289-cybersecurity-essentials-every-business.htm\">CYBERSECURITY ESSENTIALS FOR EVERY BUSINESS <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We warned on May 28th that BlueKeep is a major exploit and needs to be taken seriously. At the time it was reported about a million machines were vulnerable to it and it could cause a RansomWare attack or far worse. Microsoft agrees. They had this to say on May 30th: On May 14,\u00a0Microsoft released<\/p>\n","protected":false},"author":44,"featured_media":12215,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[156],"tags":[1897,1796,284,1898],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12268"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=12268"}],"version-history":[{"count":1,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12268\/revisions"}],"predecessor-version":[{"id":12269,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12268\/revisions\/12269"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media\/12215"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=12268"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=12268"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=12268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}