CISA joins the NSA in advising legacy Windows users to patch against BlueKeep vulnerability
In context: Microsoft has been trying its best to convince legacy Windows OS users (7 or older) to patch their machines against a serious new RDP vulnerability dubbed “BlueKeep.” BlueKeep is particularly dangerous due to its “wormable” nature — attacks that utilize it could spread across machines without direct action.
In terms of severity, BlueKeep has been compared to WannaCry; a series of ransomware attacks that took place in 2017. Unfortunately, despite the danger BlueKeep poses to users, many Windows customers have not bothered to patch their systems (though fixes have existed for some time now).
As we mentioned recently, roughly one million machines were still vulnerable to BlueKeep exploits. For one reason or another, Microsoft’s warnings simply haven’t been enough to convince everybody to get on board.
Fortunately, the tech giant received a helping hand earlier this month when the NSA issued its own BlueKeep advisory. “We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw,” the organization said at the time.
Now, just in case the NSA’s word wasn’t enough, Microsoft is getting even more assistance with spreading the word: the US’ Cybersecurity and Infrastructure Security Agency (CISA) has issued an “Activity Alert” that also warns users to patch their PCs against BlueKeep.
“CISA encourages users and administrators review the Microsoft Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708 and apply the appropriate mitigation measures as soon as possible,” the Alert reads.
Though not stated in their official alert, Engadget says the CISA tested a “working vulnerability” to prove that BlueKeep is indeed exploitable — perhaps that will convince any remaining stubborn users to install fixes for their machine, but only time will tell.
Image courtesy: EFFRA, Harvard University