During the month of May, Microsoft issued an alert concerning a vulnerability in its remote desktop product. An issue which affects users who have Windows 7, Windows XP, Windows 2003, Windows Server 2008 R2 and Windows Server 2008. Although this information was distributed to users, there are still around a million internet-facing computers and services which remain unprotected.
Now, less than a month later, the National Security Agency (NSA) have issued a rare advisory warning to Microsoft users to protect against BlueKeep, urging users to update their systems in order to protect their PCs and prevent the rapid spread of this “critical” rated bug.
The NSA fear that a similar situation like ‘WannaCry’ in 2017 – which took down millions of computers – could emerge again due to unprotected PC’s. Commenting on the situation, the NSA added: “This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability”. Amongst the concerns, the agency’s advisory provided some advice to users urging them to “invest the time and resources to know your network and run supported operated systems with the latest patches”.
BlueKeep reinforces the need to keep your IT infrastructure up to date with only users of Windows 8 and Windows 10 unaffected.
Microsoft is officially ending support for several key products, meaning security updates will cease and more systems will become vulnerable – this is a critical time to consider upgrading your IT estate.