You know a cybersecurity threat is serious when the National Security Agency concerns itself with it. The latest warning from the NSA is about the BlueKeep vulnerability, a security threat that affects computers running the Windows operating system.
If you haven’t heard of it yet, and what you need to do to protect yourself against it, read on to find out what this exploit is about, and how it affects you.
What is The BlueKeep Vulnerability
The BlueKeep vulnerability is a wormable threat, but unlike other such threats, this particular one has a 9.8 out of 10 CVSS (Common Vulnerability Scoring System) rating, akin to the WannaCry ransomware of 2017.
Its wormable demeanor means that BlueKeep can spread through networks to other computers, and grow in the same way WannaCry did when it spread in a few hours affecting computers across 150 countries.
Initially, security researchers who Microsoft has been collaborating with saw the threat’s honeypot crashes caused by a BlueKeep exploit module, suggesting an attack in the offing.
Up until October 9, things were relatively silent, and then similar crashes occurred. A report from Microsoft’s security research team states that they “found that an earlier coin mining campaign in September used a main implant that contacted the same command-and-control infrastructure used during the October BlueKeep Metasploit campaign.”
How BlueKeep Vulnerability Works
Microsoft issues regular updates to fix bugs and plug any security holes, but the BlueKeep bug is dangerous as it can allow hackers to run code like ransomware or any type of malware on a computer.
It does this by allowing the hackers to exploit your computer’s Remote Desktop Protocol without a password or any interaction on your part.
The software vulnerability targets and affects older Windows versions, and this is a significant risk as such computers may be connected to others over a network connection. The effect of this is that the threat could spread much faster than you could deal with it.
However, the threat is yet to reach fruition, as it's targeted mostly at unpatched Windows systems with RDP 3389 ports exposed to the internet, which leaves them vulnerable.
The Microsoft Defender ATP Research Team has however warned that the attackers could use the exploit to deliver payloads that are more impactful and damaging than coin miners to the hundreds of thousands of vulnerable computers.
How BlueKeep Vulnerability Affects You
If you’re a Windows user, you need to patch your version of Windows right now, if you haven’t already. This is an alert from the Microsoft Security Intelligence, a global network of security experts, concerning the BlueKeep exploit whose activity they spotted first in early September 2019.
The BlueKeep threat has been introduced, which means that the over one million computers that are currently vulnerable and online could experience a possible mass cybersecurity attack if no action is taken.
This is why you should update your computer with the latest security update to protect it, particularly if you’re using Windows 7, Vista, XP, Windows Server 2003 or 2008/2008 R2 systems.
Users running Windows 8 or 10 won’t be affected, but it’s still better to enable automatic updates, and keeping your machine secure against possible threats in the future.
When to Apply The Windows BlueKeep Security Patch
If your computer is running an out-of-support version of Windows, other than Windows 8 or 10, download and apply the software updates or patch right now to address the BlueKeep vulnerability. Alternatively, upgrade to the latest Windows version to stay automatically updated and protected.
You can find the version-supported downloads in the Microsoft Security Response Center, though Microsoft says it's in the process of providing fixes for older versions too.
Also on Guiding Tech
How to Protect Your Computer From The BlueKeep Vulnerability
Here are some safety and security measures to take to keep you, your computer and data safe from the BlueKeep vulnerability and other such attacks in the future:
Update your current Windows version with the security patch, or upgrade to Windows 8 or 10.
Update other devices running Windows as these too are vulnerable.
Have an updated and robust antivirus or security software running the latest version.
Backup your files to protect against BlueKeep and other malware threats, but also against hardware breakdown that could cause you data loss.
Note: Most outdated or old versions of Windows are particularly vulnerable to several types of threats, besides BlueKeep. As much as there’s a patch for this current wormable threat, you may not generally find bug fixes for your out-of-support version of the system anymore. This is why you’re better off upgrading to Windows 8 or Windows 10.
Stay Safe Out There
Now that you know about the BlueKeep vulnerabilility and its potential to becoming something like the WannaCry attack of 2017, it's best to take time and make sure you stay protected. Action the above safety and security measures today to keep you, your machine and your sensitive data protected against this and other possible attacks.
Next Up: Ever heard of the Krack Wi-Fi vulnerability? Our next article explains more about Krack, what hackers can and cannot do using it, and how to protect yourself against it.