Monday, November 11, 2019

The NSA is urging Windows users to update their computers ASAP

SourceBGR

In an advisory published this week, the NSA has urged “Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threat.” That threat being BlueKeep, which has already been the focus of multiple “update now” warnings from Microsoft itself.

The NSA warning comes off the back of research that revealed just under one million internet-facing machines are still vulnerable to BlueKeep on port 3389, used by the Microsoft Remote Desktop feature, with nobody knows how many devices at risk within the internal networks beyond. The potential is certainly there for this threat, if exploited, to be on the scale of WannaCry.

The NSA’s advisory notes that Bluekeep is a vulnerability in the remote desktop feature on legacy versions of Windows. “The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats,” the advisory reads.

Microsoft, it continues, has warned that the Bluekeep flaw “is potentially ‘wormable,’ meaning it could spread without user interaction across the internet. We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw.”

The advisory notes that these are the affected versions of Windows:

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2

Microsoft has issued a patch, but millions of machines are reportedly still vulnerable. The NSA says it’s concerned that hackers will use this vulnerability in ransomware and exploit kits that contain other known exploits, increasing their capabilities against other unprotected systems. The Bluekeep vulnerability could also be used to conduct denial of service attacks, according to the agency.

“NSA urges everyone to invest the time and resources to know your network and run supported operating systems with the latest patches,” the advisory continues, also noting that Windows 10 systems are protected against the flaw and that it only affects the named older versions of Windows. “This is critical not just for NSA’s protection of National Security Systems but for all networks.”

TRENDING

Motorcyclists Injured In Roseau Collision

Two males on a motorcycle were injured Sunday afternoon after a collision with a truck, on the Roseau stretch emergency officials say. Photos posted on...

Two Held In Shooting Of Mon Repos Businessman

Two persons are currently in police custody assisting with investigations into Saturday evening's shooting of Mon Repos businessman, Andrew Joseph, alias Mr. Mow Weng,...

Concern Over Minor Females In ‘Compromising Situations’ At City Parks

The local advocacy group, Raise Your Voice Saint Lucia, has expressed concern about the number of minor females, many in school uniform,  who are...

76 Year Old Businessman Shot In Micoud

A 76 year old male was shot in the lower abdomen Saturday evening during a robbery, it has been reported. The victim has been identified...