NSA warns that ‘BlueKeep’ vulnerability in Windows XP and Windows 7 is especially dangerous - nethertonwitesse

Leo Wolfert / Getty Images

The National Security Office is warning users that a recent vulnerability affecting Windows 7 and Windows XP systems is potentially "wormable," import that information technology could be employed and weaponized by malware.

Microsoft issued an alert in middle-May almost a Outside Code Execution exposure, known as CVE-2019-0708, that can affect  Windows 7, Windows XP, Windows 2003, Windows Host 2008 R2, and Windows Server 2008. Since then, the vulnerability has been nicknamed "BlueKeep." Microsoft issued a BlueKeep patch for Windows 7, and another BlueKeep dapple for Windows XP. Microsoft strongly urges users to patch strained systems.

That's because code designed to overwork the exposure could spread pre-hallmark and without any user interaction. These are prime genteelness conditions for a insect similar to the spread of WannaCry, Microsoft warned. WannaCry took down millions of computers in 2017, using an unsophisticated yet pervasive attack that pussy computers with ransomware.

The National Security Agency is concerned that this could happen again. "This is the type of vulnerability that malicious cyber actors ofttimes exploit through and through the use of software code that specifically targets the vulnerability," the NSA wrote. "For example, the vulnerability could constitute exploited to conduct denial of Robert William Service attacks. It is potential sole a matter of sentence before remote exploitation code is widely available for this vulnerability. National Security Agency is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other identified exploits, increasing capabilities against other unpatched systems."

Though more than two weeks have elapsed since the vulnerability was discovered, Microsoft warned that cybercriminals often don't move that quickly. EternalBlue, the vulnerability that allowed WannaCry to fall out, took a total of ii months from the time that the vulnerability was discovered to the time IT took to exploit it. "Despite having nearly 60 years to patch their systems, many customers had not," Microsoft said.

Naturally, Microsoft is taking the opportunity to encourage customers to migrate from older operating systems to Microsoft's latest OS, Windows 10. Though Microsoft took the unusual stone's throw of publishing a BlueKeep patch for Windows XP, Windows 7 ends its support lifespan this advent January.

"Customers running Windows 8 and Windows 10 are not affected by this vulnerability, and IT is no more coincidence that later versions of Windows are unaffected," Microsoft wrote. "Microsoft invests heavily in strengthening the security of its products, much through major architectural improvements that are not possible to backport to earlier versions of Windows. "

Note: When you purchase something after clicking links in our articles, we may pull in a small commission. Learn our affiliate link insurance policy for more inside information.

• Security
• Windows
• Microsoft
• Business
• Small and Culture medium Business
• Windows 7
• Windows XP

As PCWorld's senior editor, Mark focuses on Microsoft news and chip technology, among other beatniks. He has formerly scripted for PCMag, BYTE, Slashdot, eWEEK, and ReadWrite.

Source: https://www.pcworld.com/article/397572/nsa-warns-that-bluekeep-vulnerability-in-windows-xp-and-windows-7-is-especially-dangerous.html

Posted by: nethertonwitesse.blogspot.com

Share this post