A Million PCs May Be Vulnerable to BlueKeep Malware, Microsoft Urges Users to Patch

In mid-May, Microsoft took the unusual step of issuing a security patch for long-discontinued operating systems like Windows XP and Server 2003. It said at the time that a newly discovered vulnerability in older versions of Windows had the potential to devastate computers on a scale similar to the WannaCry ransomware in 2017. The update has been available for weeks, but many systems remain unpatched, and Microsoft is confident exploits for the “BlueKeep” flaw now exist in the wild.

It took Microsoft years to rid itself of Windows XP support, which it finally did back in 2017. Yet, there are still millions of computers running XP, and many of them are part of critical infrastructure and enterprise environments where newer operating systems won’t work.

When announcing the patch, Microsoft opted to keep details of the flaw (CVE-2019-0708) secret. It said the vulnerability (now known as BlueKeep) was “wormable,” meaning it could spread between infected systems like WannaCry did. All Microsoft would say was that it had something to do with the Remote Desktop component of Windows. Windows 8 and 10 are both fully protected, though.

Security researchers have noted that it was easy to develop exploits for BlueKeep, but they’ve decided not to post proof of concept code as the vulnerability is too dangerous. Still, Microsoft is now “confident” that an exploit exists in the wild. By sending a specially crafted Remote Desktop Protocol (RDP) request, an attacker can run arbitrary code on a computer. That could be used to install malware, steal data, and even lock a system down with ransomware.

A security update addressing CVE-2019-0708 was released on May 14 2019, but recent public reports indicate nearly one million computers are still vulnerable.

Microsoft strongly advises that all affected systems should be updated as soon as possible. https://t.co/lRaCfWgivs

— Security Response (@msftsecresponse) May 31, 2019

Currently, security experts have estimated that about one million Windows boxes connected directly to the internet are vulnerable to BlueKeep. That may just be the tip of the iceberg — a vulnerable machine could act as a gateway into internal networks where there are more wormable systems.

Simon Pope, Microsoft’s director of Incident Response, is again urging everyone to update their systems with the latest patch. Windows 7 and newer server platforms have all been updated automatically, but Windows XP and Server 2003 need a manual update. Many of those systems are probably on autopilot without anyone on hand to seek out new patches. A BlueKeep worm could be inevitable at this point.