The current threat landscape brings new dangers to corporate cybersecurity with the BlueKeep ransomware.
The United States National Security Agency (NSA) is on alert for this dangerous computer virus, notifying the importance of updating Windows operating systems through various means.
This warning comes through the discovery of a critical vulnerability of the famous operating system, called “BlueKeep.”
Who is BlueKeep?
It is a security vulnerability that directly affects older versions of Windows operating systems.
This dangerous virus is associated with the Wanna Cry ransomware. The ransomware, which wreaked havoc in 2017 for its “Information hijacking” methods and easy propagation throughout the world.
The first note of BlueKeep security vulnerability by the National Cyber Security Center of the United Kingdom. And, later on, May 14, 2019, the report was by Microsoft.
Microsoft explains that it is a remote code execution vulnerability in Remote Desktop Services. Formerly known as Terminal Services, which occurs when an unauthenticated attacker connects to the target system using the Remote Desktop Protocol (RDP) and sends Specially designed requests.
As of June 1, 2019, it seems that no active malware of the vulnerability is publicly known; however, computer experts may have unused proof of concept (POC) codes that exploit the vulnerability.
Right now, BlueKeep could be affecting your device.
Nearly one million Windows systems have not yet installed the security patch to fix the BlueKeep security bug.
A few days ago, the computer giant launched the security patch to fix the BlueKeep vulnerability. However, the estimation says that there may be no update about one million Windows systems.
The lack of culture and misinformation in matters of computer security in companies makes these viruses even more dangerous. The Silicon portal recently warned that the WannaCry ransomware continues to infect computers, due to the lack of security patch updates.
And two weeks after the release of the CVE-2019-0708 ‘BlueKeep’ vulnerability, there are many users who still do not correct this problem, according to Computing.
How Does it work?
The Redmond company specifies that this vulnerability does not require user interaction because it is ‘wormable.’
That is, it can cause any malware that exploits the vulnerability to spread from one vulnerable system to another automatically, like the spread of WannaCry and NotPetya.
Besides, the attacker can take advantage of the gap to execute arbitrary codes on the target system.
In this way, the cybercriminal could install programs, view, change, or delete data or create new accounts with full user rights. To do this, the hacker would have to send a specially designed request to the “Remote Desktop Service” target systems through RDP.
The best example of the relevance that Microsoft grants to this vulnerability are that it has released a security patch even for Windows XP. Although it stopped supporting this operating system more than five years ago. It has also launched it for other unsupported systems, such as Windows Vista and Windows Server 2003.
How to protect yourself from BlueKeep?
As we know, to this point, the most dangerous thing, in this case, is to have a computer that does not have Windows 10.
If the system of your PC or your laptop is up to date, you should not worry too much. And just follow the updates that the company is marking and do not skip any. But, if you have a previous computer, you better pay attention.
As there are still so many devices that work with Windows XP (including numerous business machines, public institutions, or ATMs) Microsoft has been forced to release patches for these systems that have long been left behind.
These updates may have reached your team sent by the company itself. But if you do not find them, you have all the patches on this link. You just have to download the one that matches your version of Windows and install it.
Also Read: 7 Reasons Why Organizations Need Secure Emails