BlueKeep: The Microsoft Vulnerability Putting Millions at Risk

On May 14, Microsoft released a critical software update patch for its Remote Desktop Protocol (RDP). This update addressed significant vulnerabilities in older Windows operating systems, including Windows Server 2008, Windows Server 2003, Windows 7, Windows XP, and Windows Vista. Recently, the National Security Agency (NSA) urged system administrators to apply these patches promptly, emphasizing the importance of using updated systems to counter growing threats.

The Scope of the BlueKeep Threat

The NSA has identified around one million internet-facing machines that remain vulnerable to this threat, now known as “BlueKeep”. If exploited, this vulnerability could allow hackers to launch malware attacks capable of spreading across networks to other vulnerable computers. Many security experts believe that BlueKeep could be weaponized quickly, similar to the WannaCry attack in 2017, which resulted in losses of up to 4 billion dollars.

The Importance of System Updates and Replacements

It is crucial for businesses to be aware of which systems need updates or replacements. Regular scans can help identify vulnerabilities, but many businesses continue to use old equipment that they believe functions adequately. The primary issue with these systems is that once they reach their End of Life (EOL) or End of Support (EOS), vendors no longer provide updates, leading to critical security vulnerabilities that cannot be patched.

In the case of the BlueKeep RDP vulnerability, Microsoft considered it so severe that they took the unprecedented step of releasing patches for EOL and EOS operating systems.

The Critical Role of Patch Management

Maintaining a robust patch management program is essential for any business. However, patching alone may not be sufficient. Businesses that work with CyberHoot gain access to a Vulnerability Alert Management Process (VAMP), which outlines response priorities for critical patches and vulnerabilities like BlueKeep.

Over half of attackers exploit software vulnerabilities as gateways to company information systems. VAMP enables organizations to assess their vulnerabilities, weaknesses, and potential threats, and mitigate them according to a pre-agreed timetable. It enforces controls on timelines for planning and remediation, and clarifies lines of responsibility, all codified before the pressure of a rampant worm or weaponized vulnerability like WannaCry.

Taking Action Against Cyber Threats

CyberHoot assists businesses in building and enhancing cybersecurity programs, including critical processes like VAMP and Patch Management. They also automate governance and train employees with robust cybersecurity policies and awareness programs. As employers and resellers, it is imperative to protect critical accounts and data; hackers only need to succeed once to cause a costly cyber incident or breach.

Improve your odds of success by visiting CyberHoot and signing up for a free 30-day trial to begin closing the cybersecurity skills gap by training your employees. Their 5-minute Cyber “Hoots” teach your staff about: