Sci-tech

Million Computers Still Vulnerable to Major Windows Security Exploit

Million Computers Still Vulnerable to Major Windows Security Exploit”

Earlier in May, Microsoft disclosed to its users that a serious security vulnerability - dubbed "BlueKeep" - was found on Windows 7 and other previous versions. A fix has been released and there has been no sign of a worm yet.

The bug has been classified as critical and can now affect systems running Windows XP, 7 and server. "If we look at the events leading up to the start of the WannaCry attacks, they serve to inform the risks of not applying fixes for this vulnerability in a timely manner".

Two weeks after warning about a critical Remote Code Execution vulnerability in Remote Desktop Services, Microsoft is concerned that around a million internet-connected computers remain unpatched and vulnerable to attack.

Microsoft also claimed that only Windows 8 and Windows 10 are not vulnerable to the bug. "We strongly advise that all affected systems should be updated as soon as possible", said Microsoft.

One month later, in May 2017, hundreds of thousands of exposed Windows machines were compromised using the EternalBlue exploit and subsequently infected with the WannaCry ransomware. Additional, Security firm GreyNoise Intelligence warned on May 24 that at least one threat actor is scanning networks looking for systems that are susceptible to BlueKeep. This demonstrates, however, that a determined attacker could take advantage of the vulnerability.

Another independent malware researcher Marcus Hutchins posted a tweet and claimed that it took him "an hour to figure out how to exploit the vulnerability" and four days to develop working exploit code, but he declined to immediately publish the code as he calls it "dangerous". Despite this, attackers could still abuse the RCE flaw if they already have the credentials needed to authenticate on a vulnerable system where RDS is enabled.

"It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread, infecting computers across the enterprise", Microsoft said in the blog post. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

As part of the initial warning, Microsoft said that "the vulnerability is "wormable", and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017".



Like this

loading...
loading...

Latest


01 June 2019
Redknapp: Solskjaer future depends on Man Utd market campaign
Manchester United need reinforcements on that position after club captain Antonio Valencia leaves at the end of the season. Fernandes is now away on worldwide duty with Portugal ahead of the UEFA Nations League semi-finals next week.

01 June 2019
GOP Redistricting Expert Played Role in New Census Question
The government also directly rebuffed arguments saying that the link to voting rights was a fabricated rationalization. Supreme Court about why it added the citizenship question-voting rights enforcement was but a ruse", Gupta added.

01 June 2019
Bruce Springsteen Drops New Song and Video, ‘Tucson Train’
Springsteen produced the album alongside Ron Aniello, who also plays bass, keyboard, and other instruments. The album was mixed by Grammy victor Tom Elmhirst.

01 June 2019
Bag with human remains found in Maleah Davis search in Arkansas
He remains jailed on a $40,000 bond. "We had a long conversation", Quanell said. "We spoke about his relationship with Brittany". Maleah had been missing from Houston for almost a month before Derion Vence reportedly offered his confession, Fox 26 reported .

01 June 2019
Naomi Osaka stages another great escape at Roland Garros
She appeared doomed when she slipped 4-2 down in the second set after failing to convert three break points in the fourth game. After splitting the first two sets, the two players headed off the court for a short break.

01 June 2019
USA economy grows 3.1% in first quarter
Consumer spending was previously reported to have increased at a 1.2 per cent pace in the first quarter. Growth last quarter was, however, flattered by the volatile export, inventory and defense components.

01 June 2019
Former Arsenal player Reyes dies in auto crash
The 35-year-old, who was playing for Segunda Division side Extremadura , tragically died following a collision on Saturday. He then went on to play for Real Madrid on loan and Atletico before returning to boyhood club Sevilla .

01 June 2019
Lennon delighted to be permanently back at Celtic By Amy Forbes
The energy, total commitment and passion from our supporters, the effort, the talent and desire from our players. Lennon, who was Celtic manager between 2010 and 2014, has been given a 12-month rolling contract.

01 June 2019
Drug lord Frank Lucas, who inspired American Gangster film, dies aged 88
Frank was jailed for a whopping 70 years in prison, but was given a reduced sentence after ratting out other gangsters. His story inspired the Ridley Scott-directed " American Gangster ", which starred Denzel Washington as Lucas.

01 June 2019
India downplays impact of GSP withdrawal on trade relations with US
Trump announced in March that he would be ending the preferential trade accord with India, but did not give a date. Despite several rounds of talks on a comprehensive trade package, there has been no breakthrough, and Mr.