Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by martyb on Saturday May 25 2019, @07:10AM   Printer-friendly
from the maybe-we-*should*-be-worried dept.

It has been nine days since Microsoft patched the high-severity vulnerability known as BlueKeep, and yet the dire advisories about its potential to sow worldwide disruptions keep coming.

Until recently, there was little independent corroboration that exploits could spread virally from computer to computer in a way not seen since the WannaCry and NotPetya worms shut down computers worldwide in 2017. Some researchers felt Microsoft has been unusually tight-lipped with partners about this vulnerability, possibly out of concern that any details, despite everyone's best efforts, might hasten the spread of working exploit code.

Until recently, researchers had to take Microsoft's word the vulnerability was severe. Then five researchers from security firm McAfee reported last Tuesday that they were able to exploit the vulnerability and gain remote code execution without any end-user interaction. The post affirmed that CVE-2019-0708, as the vulnerability is indexed, is every bit as critical as Microsoft said it was.

"There is a gray area to responsible disclosure," the researchers wrote. "With our investigation we can confirm that the exploit is working and that it is possible to remotely execute code on a vulnerable system without authentication."

Story:
https://arstechnica.com/information-technology/2019/05/why-a-windows-flaw-patched-nine-days-ago-is-still-spooking-the-internet/

Further Reading:
https://arstechnica.com/information-technology/2019/05/microsoft-warns-wormable-windows-bug-could-lead-to-another-wannacry/

Entry in the "Common Vulnerabilities and Exposures" database: CVE-2019-0708.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by Runaway1956 on Saturday May 25 2019, @07:17AM (3 children)

    by Runaway1956 (2926) Subscriber Badge on Saturday May 25 2019, @07:17AM (#847531) Journal

    Upgrade to *nix and stop worring.

    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 2) by isostatic on Saturday May 25 2019, @12:52PM

    by isostatic (365) on Saturday May 25 2019, @12:52PM (#847567) Journal

    I don't pay much attention to windows as I haven't run it for nearly 2 decades, however I believe some people still run windows, and those machines are connected to a lot of high speed broadband lines, which has the potential to flood my logs, and use a lot of inbound traffic even if I DROP rather than REJECT the packets.

  • (Score: 1) by pTamok on Saturday May 25 2019, @02:18PM

    by pTamok (3042) on Saturday May 25 2019, @02:18PM (#847592)

    I don't worr much any now, if at all, so it's pretty much irrelevant to me. I followed Churchill's advice - jorr-jorr is better than worr-worr, so these days I joor-joor. You should try it.

  • (Score: 2) by driverless on Sunday May 26 2019, @02:31AM

    by driverless (4770) on Sunday May 26 2019, @02:31AM (#847778)

    Turn off RDP and stop worrying. In fact why would you ever have RDP active and exposed to the Internet in the first place?