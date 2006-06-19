from the make-sure-your-backups-are-current dept.
NSA warns Microsoft Windows users of cyber-attack risk
The US National Security Agency (NSA) has warned Microsoft Windows users to make sure they are using updated systems to guard against cyber-attacks.
US officials and Microsoft executives say older versions of the programs may be vulnerable to malware. In the advisory, NSA officials said a flaw known as "BlueKeep" exists in past editions of Microsoft Windows.
Last week Microsoft warned that "some older versions of Windows" could be vulnerable to cyber-attacks. "All customers on affected operating systems [Windows 7 and earlier] should update as soon as possible," said Microsoft.
US officials said the "BlueKeep" flaw could leave computers vulnerable to infection by viruses through automated attacks or by the downloading of malicious attachments.
According to HelpNetSecurity:
An unauthenticated BlueKeep network scanner tool has been released and so has a Metasploit module for unauthenticated checking for the vulnerability.
And, from ZDNet:
Intense scanning activity detected for BlueKeep RDP flaw. A threat actor hidden behind Tor nodes is scanning for Windows systems vulnerable to BlueKeep flaw.
Official entry on the Common Vulnerabilities and Exposures database: CVE-2019-0708.
Previously:
Microsoft Issues Urgent Windows XP Patch to Prevent WannaCry-Style Attack
Why a Windows Flaw Patched Nine Days Ago is Still Spooking the Internet
Microsoft has issued a critical Windows update to older machines to prevent a vulnerability which could allow attacks to spread in a similar way to WannaCry.
The computing giant has taken the drastic and unusual step of providing a fix to systems it no longer supports, including Windows XP – its popular operating system released almost 18 years ago.
Microsoft says the vulnerability affects a part of the Remote Desktop Services feature on some previous versions of Windows, which could allow devastating malware attacks to pass from vulnerable computer to vulnerable computer, as WannaCry did.
WannaCry notably hit parts of the NHS in May 2017, disrupting 80 trusts across England alone because they were either infected by the ransomware or had turned off their devices or systems as a precaution.
[Update: The official Microsoft announcement should have been included in the story. Please be aware this warning applies only to older version of Windows; Windows 8 and 10 are not affected. (Hat tip to user "All Your Lawn Are Belong To Us") --martyb]
Source: https://techerati.com/news-hub/microsoft-issues-urgent-windows-xp-patch-to-prevent-wannacry-style-attack/
It has been nine days since Microsoft patched the high-severity vulnerability known as BlueKeep, and yet the dire advisories about its potential to sow worldwide disruptions keep coming.
Until recently, there was little independent corroboration that exploits could spread virally from computer to computer in a way not seen since the WannaCry and NotPetya worms shut down computers worldwide in 2017. Some researchers felt Microsoft has been unusually tight-lipped with partners about this vulnerability, possibly out of concern that any details, despite everyone's best efforts, might hasten the spread of working exploit code.
Until recently, researchers had to take Microsoft's word the vulnerability was severe. Then five researchers from security firm McAfee reported last Tuesday that they were able to exploit the vulnerability and gain remote code execution without any end-user interaction. The post affirmed that CVE-2019-0708, as the vulnerability is indexed, is every bit as critical as Microsoft said it was.
"There is a gray area to responsible disclosure," the researchers wrote. "With our investigation we can confirm that the exploit is working and that it is possible to remotely execute code on a vulnerable system without authentication."
Story:
https://arstechnica.com/information-technology/2019/05/why-a-windows-flaw-patched-nine-days-ago-is-still-spooking-the-internet/
Further Reading:
https://arstechnica.com/information-technology/2019/05/microsoft-warns-wormable-windows-bug-could-lead-to-another-wannacry/
Entry in the "Common Vulnerabilities and Exposures" database: CVE-2019-0708.
