Advertisement

News

BlueKeep security issue threatens nearly one million Windows users

Jeremy Milliner

Published

There’s a reason people update to new versions of Windows: Old versions don’t get updated, and that makes them more susceptible to issues, both internal and external. While not every Windows update is a move forward, transitioning to a newer OS is almost always a smart step. Google is making the same assertion, too: If you haven’t upgraded to Windows 8 or 10, now’s a very good time; anything older is now putting you at risk.

Microsoft

Windows 10 Download
7
Update to a safer OS

The BlueKeep vulnerability

Just like old browsers are full of holes for malware to enter, an old OS can start becoming fallible as new threats emerge and evolve. Technically known as CVE-2019-0708, BlueKeep is a remote code execution vulnerability that exists in Remote Desktop Services. It’s when an unauthenticated attacker connects to a target system using RDP, and then starts sending requests. A successful hack attempt could then start to inflict arbitrary code on the targeted system, installing programs, deleting data, or creating new accounts that still mimic your user rights. It’s a nasty pre-authentication vulnerability in older Windows Operating Systems, and therefore doesn’t require any user interaction before it latches on.

Which OS is at risk?

Anything less than Windows 8. So if you’re running 7, 2008 R2, Vista, Server 2008, or XP, BlueKeep leaves your computer open to infection. How many people are running these old versions of Windows? Almost a million, Microsoft discovered in a recent report. Frighteningly, that’s not even including the computers on corporate networks. Errata Security predicts that anyone using an older OS probably has a month or two before BlueKeep worms its way in.

How to tell if you’re already infected

If you’re running an older OS, now’s the time to upgrade. In the meantime Errata Security’s Rob Graham has put together binaries on Github to scan for BlueKeep. If you think your PC might be infected, go to the link in his tweet and run the scan:

Hopefully, both your computer and network have not been compromised, but trust us – you don’t want to procrastinate on things like this. Get Windows 8 or 10 today and stay secure!

You may also like