800,000 systems still vulnerable to Bluekeep

Get a free Techzine subscription!

Over 800,000 systems are still vulnerable to Bluekeep, states security company BitSight Technologies. This is a vulnerability found in older versions of Microsoft’s Remote Desktop Protocol (RDP).

The Bluekeep vulnerability, also known as CVE-2019-0708, was discovered in May at the May 2019 Patch Tuesday. The problem with Bluekeep is that the error is wormable. This means that hackers and malware can use the vulnerability to replicate and spread themselves.

The vulnerability in Microsoft RDP gives unauthorized access to computers running Windows XP, Windows 7, Windows Server 2003 and Windows Server 2008. Newer versions of Windows are not affected. On May 14, a patch came out for the problem.

Initially, it was thought that nearly 7.6 million Windows systems connected to the Internet could be attacked. Later in May, it turned out that there were almost a million Windows computers involved. Now that number has dropped by 17% to 800,000 systems, says Silicon Angle.

Not enough

Although the number of non-patched systems has decreased since May, it is simply not enough, says CSO Bob Huber of security company Tenable. There is a lot of fear, confusion and doubt in the security industry, but that is not the case here. Organizations and users should not dismiss this as a hype. This vulnerability is no joke; BlueKeep has all the features to become the next WannaCry or NotPetya.

Richard Gold, the head of security engineering at Digital Shadows, has a possible explanation for the unpatched systems. Gold has spoken to some customers and one major problem is finding all the vulnerable machines. In addition, they have to be taken offline for the patch, which is certainly problematic if there is no hot standby.

Hackers actively search for Bluekeep

Meanwhile, hackers are actively looking for systems that they can exploit with the Bluekeep vulnerability, Check Point stated in June. The security specialist is afraid that the scans – which come from different countries – are the first sign of a large-scale attack.

Security researchers from different companies therefore recommend installing the Microsoft patch. Patched systems are not affected by Bluekeep. The patch is also released for Windows XP that is no longer supported.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.