Windows users must patch PCs against BlueKeep, NSA warns

Windows 7
Image credit: TechRadar

The NSA (National Security Agency in the US) has gone as far as to actively warn users of older versions of Windows that unless they are patched, their systems are open to a major attack which could potentially be the next WannaCry.

This is about the BlueKeep vulnerability which Microsoft warned on a week ago (and a few week back, prior to that), which affects Windows 7 machines (and other older versions of Microsoft’s OS including Windows XP, Server 2003 and 2008).

Windows 10 (and the minority of Windows 8) users are not affected.

In a cybersecurity advisory, the NSA warned users of these operating systems to make sure they are using a “patched and updated system” in the face of what it describes as growing threats.

As the NSA further points out, the danger with BlueKeep – a vulnerability known as CVE-2019-0708, affecting Windows Remote Desktop Services – is that it’s ‘wormable’, meaning it can spread from computer to computer online under its own steam, with the user not having to do anything.

In other words, you don’t need to click the wrong link, or open a malicious attachment; it can conceivably just arrive on your PC if it’s unprotected and online.

Looming ransomware disaster?

This is what happened with the infamous WannaCry ransomware, which was spread using the EternalBlue exploit, with BlueKeep being another hole that could potentially usher in a similar campaign with all its disastrous implications.

And what the NSA is particularly worried about is the fact that “although Microsoft has issued a patch, potentially millions of machines are still vulnerable”.

Ransomware is one of the nastiest things to get on your PC, and it’s even more crippling for a business to be hit by this sort of attack, and the NSA is clearly worried. As the BBC notes, NSA advisers are also spreading ‘patch and protect’ warnings on their own Twitter accounts, for example.

As yet, there is no evidence that the security flaw has been actively exploited, but the danger is that the longer this drags on, the more likely that some bad actor will actually manage to make nefarious use of the BlueKeep vulnerability.

And if it is weaponized and launched into the wild, with ‘potentially millions’ of PCs still open to the attack, well, that’s obviously going to be very bad news…